1# Default values for additional components 2%define build_x11_askpass 1 3 4# Define the UID/GID to use for privilege separation 5%define sshd_gid 65 6%define sshd_uid 71 7 8# The version of x11-ssh-askpass to use 9%define xversion 1.2.4.1 10 11# Allow the ability to override defaults with -D skip_xxx=1 12%{?skip_x11_askpass:%define build_x11_askpass 0} 13 14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 15Name: openssh 16Version: 9.4p1 17URL: https://www.openssh.com/ 18Release: 1 19Source0: openssh-%{version}.tar.gz 20Source1: x11-ssh-askpass-%{xversion}.tar.gz 21License: BSD 22Group: Productivity/Networking/SSH 23BuildRoot: %{_tmppath}/openssh-%{version}-buildroot 24PreReq: openssl 25Obsoletes: ssh 26Provides: ssh 27# 28# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 29# building prerequisites -- stuff for 30# OpenSSL (openssl-devel), 31# and Gnome (glibdev, gtkdev, and gnlibsd) 32# 33BuildPrereq: openssl 34BuildPrereq: zlib-devel 35#BuildPrereq: glibdev 36#BuildPrereq: gtkdev 37#BuildPrereq: gnlibsd 38 39%package askpass 40Summary: A passphrase dialog for OpenSSH and the X window System. 41Group: Productivity/Networking/SSH 42Requires: openssh = %{version} 43Obsoletes: ssh-extras 44Provides: openssh:${_libdir}/ssh/ssh-askpass 45 46%if %{build_x11_askpass} 47BuildPrereq: XFree86-devel 48%endif 49 50%description 51Ssh (Secure Shell) is a program for logging into a remote machine and for 52executing commands in a remote machine. It is intended to replace 53rlogin and rsh, and provide secure encrypted communications between 54two untrusted hosts over an insecure network. X11 connections and 55arbitrary TCP/IP ports can also be forwarded over the secure channel. 56 57OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 58up to date in terms of security and features, as well as removing all 59patented algorithms to separate libraries (OpenSSL). 60 61This package includes all files necessary for both the OpenSSH 62client and server. 63 64%description askpass 65Ssh (Secure Shell) is a program for logging into a remote machine and for 66executing commands in a remote machine. It is intended to replace 67rlogin and rsh, and provide secure encrypted communications between 68two untrusted hosts over an insecure network. X11 connections and 69arbitrary TCP/IP ports can also be forwarded over the secure channel. 70 71OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 72up to date in terms of security and features, as well as removing all 73patented algorithms to separate libraries (OpenSSL). 74 75This package contains an X Window System passphrase dialog for OpenSSH. 76 77%changelog 78* Mon Jul 20 2020 Damien Miller <djm@mindrto.org> 79- Add ssh-sk-helper and corresponding manual page. 80* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> 81- Removed accidental inclusion of --without-zlib-version-check 82* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> 83- Overhaul to deal with newer versions of SuSE and OpenSSH 84* Mon Jun 12 2000 Damien Miller <djm@mindrot.org> 85- Glob manpages to catch compressed files 86* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> 87- Updated for new location 88- Updated for new gnome-ssh-askpass build 89* Sun Dec 26 1999 Chris Saia <csaia@wtower.com> 90- Made symlink to gnome-ssh-askpass called ssh-askpass 91* Wed Nov 24 1999 Chris Saia <csaia@wtower.com> 92- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and 93 /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into 94 his released tarfile 95- Changed permissions on ssh_config in the install procedure to 644 from 600 96 even though it was correct in the %files section and thus right in the RPMs 97- Postinstall script for the server now only prints "Generating SSH host 98 key..." if we need to actually do this, in order to eliminate a confusing 99 message if an SSH host key is already in place 100- Marked all manual pages as %doc(umentation) 101* Mon Nov 22 1999 Chris Saia <csaia@wtower.com> 102- Added flag to configure daemon with TCP Wrappers support 103- Added building prerequisites (works in RPM 3.0 and newer) 104* Thu Nov 18 1999 Chris Saia <csaia@wtower.com> 105- Made this package correct for SuSE. 106- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly 107 with SuSE, and lib_pwdb.so isn't installed by default. 108* Mon Nov 15 1999 Damien Miller <djm@mindrot.org> 109- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> 110* Sat Nov 13 1999 Damien Miller <djm@mindrot.org> 111- Added 'Obsoletes' directives 112* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> 113- Use make install 114- Subpackages 115* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> 116- Added links for slogin 117- Fixed perms on manpages 118* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> 119- Renamed init script 120* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> 121- Back to old binary names 122* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> 123- Use autoconf 124- New binary names 125* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> 126- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. 127 128%prep 129 130%if %{build_x11_askpass} 131%setup -q -a 1 132%else 133%setup -q 134%endif 135 136%build 137CFLAGS="$RPM_OPT_FLAGS" \ 138%configure --prefix=/usr \ 139 --sysconfdir=%{_sysconfdir}/ssh \ 140 --mandir=%{_mandir} \ 141 --with-privsep-path=/var/lib/empty \ 142 --with-pam \ 143 --libexecdir=%{_libdir}/ssh 144make 145 146%if %{build_x11_askpass} 147cd x11-ssh-askpass-%{xversion} 148%configure --mandir=/usr/X11R6/man \ 149 --libexecdir=%{_libdir}/ssh 150xmkmf -a 151make 152cd .. 153%endif 154 155%install 156rm -rf $RPM_BUILD_ROOT 157make install DESTDIR=$RPM_BUILD_ROOT/ 158install -d $RPM_BUILD_ROOT/etc/pam.d/ 159install -d $RPM_BUILD_ROOT/etc/init.d/ 160install -d $RPM_BUILD_ROOT/var/adm/fillup-templates 161install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd 162install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd 163install -m744 contrib/suse/sysconfig.ssh \ 164 $RPM_BUILD_ROOT/var/adm/fillup-templates 165 166%if %{build_x11_askpass} 167cd x11-ssh-askpass-%{xversion} 168make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ 169rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin 170%endif 171 172%clean 173rm -rf $RPM_BUILD_ROOT 174 175%pre 176/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : 177/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 178 179%post 180/usr/bin/ssh-keygen -A 181%{fillup_and_insserv -n -y ssh sshd} 182%run_permissions 183 184%verifyscript 185%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh 186 187%preun 188%stop_on_removal sshd 189 190%postun 191%restart_on_update sshd 192%{insserv_cleanup} 193 194%files 195%defattr(-,root,root) 196%doc ChangeLog OVERVIEW README* PROTOCOL* 197%doc TODO CREDITS LICENCE 198%attr(0755,root,root) %dir %{_sysconfdir}/ssh 199%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config 200%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config 201%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli 202%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd 203%attr(0755,root,root) %config /etc/init.d/sshd 204%attr(0755,root,root) %{_bindir}/ssh-keygen 205%attr(0755,root,root) %{_bindir}/scp 206%attr(0755,root,root) %{_bindir}/ssh 207%attr(0755,root,root) %{_bindir}/ssh-agent 208%attr(0755,root,root) %{_bindir}/ssh-add 209%attr(0755,root,root) %{_bindir}/ssh-keyscan 210%attr(0755,root,root) %{_bindir}/sftp 211%attr(0755,root,root) %{_sbindir}/sshd 212%attr(0755,root,root) %dir %{_libdir}/ssh 213%attr(0755,root,root) %{_libdir}/ssh/sftp-server 214%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign 215%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper 216%attr(0755,root,root) %{_libdir}/ssh/ssh-sk-helper 217%attr(0644,root,root) %doc %{_mandir}/man1/scp.1* 218%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* 219%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* 220%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* 221%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* 222%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* 223%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* 224%attr(0644,root,root) %doc %{_mandir}/man5/moduli.5* 225%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* 226%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* 227%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* 228%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* 229%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8* 230%attr(0644,root,root) %doc %{_mandir}/man8/ssh-sk-helper.8* 231%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* 232%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh 233 234%if %{build_x11_askpass} 235%files askpass 236%defattr(-,root,root) 237%doc x11-ssh-askpass-%{xversion}/README 238%doc x11-ssh-askpass-%{xversion}/ChangeLog 239%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad 240%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass 241%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass 242%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* 243%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* 244%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass 245%endif 246