diff options
| author | snj <snj@pkgsrc.org> | 2009-08-26 21:10:11 +0000 |
|---|---|---|
| committer | snj <snj@pkgsrc.org> | 2009-08-26 21:10:11 +0000 |
| commit | e60135222218c03d1c5b69889206221f6693254a (patch) | |
| tree | 1c50db7cea08875ffb65effb3d8a64423a81150f /security/dropbear/PLIST | |
| parent | 9fea215039e6e5e1ef56593f4113cab4fe3a6ea0 (diff) | |
| download | pkgsrc-e60135222218c03d1c5b69889206221f6693254a.tar.gz | |
Update dropbear to 0.52. Build an scp binary and call it dbscp so it
doesn't conflict with openssh.
Changes since 0.50:
0.52 - Wed 12 November 2008
- Add "netcat-alike" option (-B) to dbclient, allowing Dropbear to
tunnel standard input/output to a TCP port-forwarded remote host.
- Add "proxy command" support to dbclient, to allow using a spawned
process for IO rather than a direct TCP connection. eg
dbclient remotehost
is equivalent to
dbclient -J 'nc remotehost 22' remotehost
(the hostname is still provided purely for looking up saved host keys)
- Combine netcat-alike and proxy support to allow "multihop"
connections, with comma-separated host syntax. Allows running
dbclient user1@host1,user2@host2,user3@host3
to end up at host3 via the other two, using SSH TCP forwarding. It's
a bit like onion-routing. All connections are established from the
local machine. The comma-separated syntax can also be used for
scp/rsync, eg
rsync -a -e dbclient m@gateway,m2@host,martello:/home/matt/ ~/backup/
to bounce through a few hosts.
- Add -I "idle timeout" option (contributed by Farrell Aultman)
- Allow restrictions on authorized_keys logins such as restricting
commands to be run etc. This is a subset of those allowed by OpenSSH,
doesn't yet allow restricting source host.
- Use vfork() for scp on uClinux
- Default to PATH=/usr/bin:/bin for shells.
- Report errors if -R forwarding fails
- Add counter mode cipher support, which avoids some security problems
with the standard CBC mode.
- Support zlib@openssh.com delayed compression for client/server. It
can be required for the Dropbear server with the '-Z' option. This
is useful for security as it avoids exposing the server to attacks
on zlib by unauthenticated remote users, though requires client side
support.
- options.h has been split into options.h (user-changable) and
sysoptions.h (less commonly changed)
- Support "dbclient -s sftp" to specify a subsystem
- Fix a bug in replies to channel requests that could be triggered by
recent versions of PuTTY
0.51 - Thu 27 March 2008
- Make a copy of password fields rather erroneously relying on getwpnam()
to be safe to call multiple times
- If $SSH_ASKPASS_ALWAYS environment variable is set (and $SSH_ASKPASS is
as well) always use that program, ignoring isatty() and $DISPLAY
- Wait until a process exits before the server closes a connection, so
that an exit code can be sent. This fixes problems with exit codes not
being returned, which could cause scp to fail.
Diffstat (limited to 'security/dropbear/PLIST')
| -rw-r--r-- | security/dropbear/PLIST | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/dropbear/PLIST b/security/dropbear/PLIST index a1e2b935cf4..1759e0be19b 100644 --- a/security/dropbear/PLIST +++ b/security/dropbear/PLIST @@ -1,5 +1,6 @@ -@comment $NetBSD: PLIST,v 1.4 2009/06/14 18:13:28 joerg Exp $ +@comment $NetBSD: PLIST,v 1.5 2009/08/26 21:10:11 snj Exp $ bin/dbclient +bin/dbscp bin/dropbearconvert bin/dropbearkey man/man1/dbclient.1 |