pam_ssh-2.1-2.27 RPM for ppc64le

From OpenSuSE Leap 15.5 for ppc64le

This module provides single sign-on behavior. The user types a
passphrase when logging in and is allowed in if it decrypts the user s
SSH private key. An ssh-agent is started and keys are added. For the
entire session, the user types no more passwords.

Provides

• pam_ssh
• pam_ssh(ppc-64)

Requires

• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.25)(64bit)
• libcrypto.so.1.1()(64bit)
• libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)
• libpam.so.0()(64bit)
• libpam.so.0(LIBPAM_1.0)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsXz) <= 5.2-1

License

BSD-3-Clause

Changelog

* Fri Dec 01 2017 dimstar@opensuse.org
  - Explicitly call autoreconf: an implicit call requires the same
    version automake/autoconf to be present that was used to
    originally bootstrap the tarball (version 1.13).
* Thu Nov 30 2017 vcizek@suse.com
  - Add support for building with OpenSSL 1.1 (bsc#1066988)
    * partly based on https://github.com/openssh/openssh-portable/pull/48
    * add pam_ssh-openssl11.patch
* Fri Jun 05 2015 mpluskal@suse.com
  - Update to 2.1
    * session/login/default keys lexical sort order
    * add ED25519 key support
    * updated openssh embedded code to 6.7p1
  - Cleanup spec file with spec-cleaner
* Sun Mar 08 2015 p.drouand@gmail.com
  - Update to version 2.01
    * pam_ssh.1: updated man page to reflect the current implementation
  - Remove gpg-offline require and verification; OBS handles it
  - Use download Url as source
* Mon Nov 18 2013 wr@rosenauer.org
  - update to 2.0
    * added support for ECDSA keys
    * ssh-agent is now spawned in a different improved way
    * ssh-agent is not started anymore for users without keys
    * support try_first_password PAM option
    * still ask for passphrase even if user does not exist
    * expect keys used for login in ~/.ssh/login-keys.d directory
      (see README; this behaviour will cause old setups to fail
      since the default keys are not used anymore for auth)
    * "keyfiles" option has been removed and all found keys
      which can be opened using the provided passphrase will be
      added to the agent
    * alternative keys not used for login purposes and not named
      like the default keys will be decrypted and saved for the
      agent when placed in ~/.ssh/session-keys.d directory
    * when there is no controlling tty now use the PID to
      create the session file
    * return PAM_SESSION_ERR from within the session part
      instead of PAM_AUTH_ERR
    * honour TMPDIR for ssh-agent
    * start ssh-agent with GID of the group given at
      compile time to the new configure option
    - -with-ssh-agent-group
  - switched archive to XZ
  - verify detached signature
* Thu Jun 06 2013 vcizek@suse.com
  - restore credentials before exitting from pam_sm_open_session
    * fixes bnc#823484
    * added James Carter's pam_ssh-1.97-no_tty_stay_as_user.patch
* Mon Apr 29 2013 wr@rosenauer.org
  - update to 1.98
    * bugfix update obsoleting
    - pam_ssh-1.97-empty_passphrase_segfault.patch
    - pam_ssh-1.97-setgid.patch
    - pam_ssh-1.97-sigmask.patch
    - pam_ssh-double-free.patch
* Sat Jan 12 2013 coolo@suse.com
  - remove suse_update_config
* Thu Jan 12 2012 vcizek@suse.com
  - added patch that prevents segfault when empty passphrase is
    supplied (bnc#741541)
* Mon Nov 28 2011 jengelh@medozas.de
  - Remove redundant/unwanted tags/section (cf. specfile guidelines)
  - Use %_smp_mflags for parallel building
* Sun Nov 27 2011 coolo@suse.com
  - add libtool as buildrequire to avoid implicit dependency
* Sun Oct 30 2011 mkubecek@suse.cz
  - pam_ssh-1.97-sigmask.patch:
    Clear signal mask before executing ssh-agent as pam_ssh code can
    be called from kdm with blocked TERM signal which would be
    inherited by ssh-agent (bnc#727246).
* Wed May 11 2011 vcizek@novell.com
  - set gid/groups before executing ssh-agent (bnc#665061)
* Mon Apr 18 2011 vcizek@novell.com
  - fix for bnc#688120 (pam_ssh double free)
* Mon Feb 01 2010 jengelh@medozas.de
  - package baselibs.conf
* Wed Jun 24 2009 sbrabec@suse.cz
  - Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Wed Jun 24 2009 sbrabec@suse.cz
  - Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Tue Apr 14 2009 anicka@suse.cz
  - update to 1.97
    * pam_get_pass.c: CVE-2009-1273
    pam_ssh used a certain prompt if a user found to exist to ask
    for the SSH passphrase explicitely depending on whether the
    username was valid or invalid, which made it easier for remote
    attackers to enumerate usernames.
  - remove last patch
* Fri Apr 10 2009 anicka@suse.cz
  - add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat
    bugzilla (#492153)

Files

/lib64/security/pam_ssh.so
/usr/share/doc/packages/pam_ssh
/usr/share/doc/packages/pam_ssh/NEWS
/usr/share/doc/packages/pam_ssh/README
/usr/share/doc/packages/pam_ssh/TODO
/usr/share/man/man8/pam_ssh.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Feb 9 16:16:51 2026