Your message dated Wed, 02 Dec 2015 21:58:04 +0000 with message-id <E1a4FPY-0004uP-OB@franck.debian.org> and subject line Bug#779068: fixed in openssh 1:7.1p1-1 has caused the Debian Bug report #779068, regarding openssh-client: document that ssh -R and -L can now be used to forward UNIX-domain sockets using the streamlocal stuff to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 779068: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779068 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: openssh-client: document that ssh -R and -L can now be used to forward UNIX-domain sockets using the streamlocal stuff
- From: Paul Wise <pabs@debian.org>
- Date: Tue, 24 Feb 2015 11:40:20 +0800
- Message-id: <1424749220.17940.23.camel@debian.org>
Package: openssh-client Version: 1:6.7p1-3 Severity: wishlist Usertags: docs OpenSSH recently added a method to forward UNIX-domain sockets. http://www.25thandclement.com/~william/projects/streamlocal.html Unfortunately the documentation for -R and -L in the ssh manual page still only mentions forwarding TCP ports, it would be nice to mention forwarding sockets in the documentation of -R and -L as well as adding a "SOCKET FORWARDING" section before/after the "TCP FORWARDING" section. -- bye, pabs https://wiki.debian.org/PaulWiseAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
- To: 779068-close@bugs.debian.org
- Subject: Bug#779068: fixed in openssh 1:7.1p1-1
- From: Colin Watson <cjwatson@debian.org>
- Date: Wed, 02 Dec 2015 21:58:04 +0000
- Message-id: <E1a4FPY-0004uP-OB@franck.debian.org>
Source: openssh Source-Version: 1:7.1p1-1 We believe that the bug you reported is fixed in the latest version of openssh, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 779068@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson <cjwatson@debian.org> (supplier of updated openssh package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 02 Dec 2015 20:18:35 +0000 Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source Version: 1:7.1p1-1 Distribution: unstable Urgency: medium Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 779068 785190 Changes: openssh (1:7.1p1-1) unstable; urgency=medium . * New upstream release (http://www.openssh.com/txt/release-7.0, closes: #785190): - Support for the legacy SSH version 1 protocol is disabled by default at compile time. - Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is disabled by default at run-time. It may be re-enabled using the instructions at http://www.openssh.com/legacy.html - Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by default at run-time. These may be re-enabled using the instructions at http://www.openssh.com/legacy.html - Support for the legacy v00 cert format has been removed. - The default for the sshd_config(5) PermitRootLogin option has changed from "yes" to "prohibit-password". - PermitRootLogin=without-password/prohibit-password now bans all interactive authentication methods, allowing only public-key, hostbased and GSSAPI authentication (previously it permitted keyboard-interactive and password-less authentication if those were enabled). - ssh_config(5): Add PubkeyAcceptedKeyTypes option to control which public key types are available for user authentication. - sshd_config(5): Add HostKeyAlgorithms option to control which public key types are offered for host authentications. - ssh(1), sshd(8): Extend Ciphers, MACs, KexAlgorithms, HostKeyAlgorithms, PubkeyAcceptedKeyTypes and HostbasedKeyTypes options to allow appending to the default set of algorithms instead of replacing it. Options may now be prefixed with a '+' to append to the default, e.g. "HostKeyAlgorithms=+ssh-dss". - sshd_config(5): PermitRootLogin now accepts an argument of 'prohibit-password' as a less-ambiguous synonym of 'without- password'. - ssh(1), sshd(8): Add compatability workarounds for Cisco and more PuTTY versions. - Fix some omissions and errors in the PROTOCOL and PROTOCOL.mux documentation relating to Unix domain socket forwarding. - ssh(1): Improve the ssh(1) manual page to include a better description of Unix domain socket forwarding (closes: #779068). - ssh(1), ssh-agent(1): Skip uninitialised PKCS#11 slots, fixing failures to load keys when they are present. - ssh(1), ssh-agent(1): Do not ignore PKCS#11 hosted keys that wth empty CKA_ID. - sshd(8): Clarify documentation for UseDNS option. - Check realpath(3) behaviour matches what sftp-server requires and use a replacement if necessary. * New upstream release (http://www.openssh.com/txt/release-7.1): - sshd(8): OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas. - ssh(1), sshd(8): Add compatibility workarounds for FuTTY. - ssh(1), sshd(8): Refine compatibility workarounds for WinSCP. - Fix a number of memory faults (double-free, free of uninitialised memory, etc) in ssh(1) and ssh-keygen(1). Reported by Mateusz Kocielski. * Change "PermitRootLogin without-password" to the new preferred spelling of "PermitRootLogin prohibit-password" in sshd_config, and update documentation to reflect the new upstream default. * Enable conch interoperability tests under autopkgtest. Checksums-Sha1: 74404353cf0d1b0c4881ebe43638a8658a4221be 2742 openssh_7.1p1-1.dsc ed22af19f962262c493fcc6ed8c8826b2761d9b6 1493170 openssh_7.1p1.orig.tar.gz f64451f488184fa814bc3691fdfa3ac5ea595dd5 147284 openssh_7.1p1-1.debian.tar.xz Checksums-Sha256: fe30647a6b3c8a709003dd1075ca58b7ecd99f376a7dd8bbe49e3247a6671231 2742 openssh_7.1p1-1.dsc fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428 1493170 openssh_7.1p1.orig.tar.gz c9b9c5c01037164203ddb00c093861d4a81dd97ba1b9ab5fc6377e64507aab8b 147284 openssh_7.1p1-1.debian.tar.xz Files: 89e07dcdc4c82810a38f4abe6ed97371 2742 net standard openssh_7.1p1-1.dsc 8709736bc8a8c253bc4eeb4829888ca5 1493170 net standard openssh_7.1p1.orig.tar.gz ef12210fd2c534eb50891e25e2c48e4c 147284 net standard openssh_7.1p1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Colin Watson <cjwatson@debian.org> -- Debian developer iQIVAwUBVl9SLTk1h9l9hlALAQjijQ/+NM9UV0fX7kdNtsEo87RfXkExk29gYJCA ldY2Dli6nSC+8FRX/yipnj2XU7U+L28Euv0Z6QgRPLEQJUx5tF3UUxprmSabld3p M4IS5udmZDdjUuYmnxEtNLvfEgPJP1HUdIMBumB246RLQvtMN3EROFC+CjXAGLgU fF9VnQkjdnycfRLr9obuwdDCQxWFfqpcL0Ihs4bc4qs7yEeqFbOSt0OuiZSSMbLd 0Lo+4j9KKD4PpQNIiLYYzpfIZAXYCDw0sv2MMXbFEQTIoACraWBxdRep62t+6VNM z6vk2ieos9ubipBs5nEu2KV1qDEogj4PImCTkjkay46+Xg63rJjnq6GJWLTwzKGo U0Sh1znMH+fLcwRz2sU/83dTUYTAfne1kZNXpYCZwsj9E3APD2fNNrYWNm/UdtJ0 MMga7gXylwaVzAmvC0JNH/eBMv5QkAc9MCypBrnLx7JRCp6IdrwIQrX+jqdsUqou KPKEbe/+BMNjSQz/qrgTIZJ3pTwPGYrjgOUca/YnZ5CQD3Z6ohQPG7RggaJOAXOD MQoM+9cYTLIU9eS3Sll83K38B5Vpu4AUMSORGT5R9WJKb8CX+Zn8qkAtdNb0bqmK m8iM9vqoCNR0V3g7H8/O+6ySijeYbnnSFQ+jBcZMGMUeqz6VYoBa+RWmD4qU4qer J28+CdBCN3g= =3VGo -----END PGP SIGNATURE-----
--- End Message ---