Before 10.4.10:
# GSSAPI options
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange yes
# GSSAPI options
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
After 10.4.10:
# GSSAPI options
#GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange yes
Now was it really necessary to replace the file? On our image, I modify that file to restrict who can use ssh and a couple other settings. Now I have to push that file back out to all my machines.
There was really no reason for this.
CORRECTION - After further inspection, it looks like the file is not actually replaced, but modified by a fixSSHcfg.pl script within the 10.4.10 package. It also looks like modifications to the sshd_config do not always go away. The first 2 machines I updated with 10.4.10 lost the mods that I made, but then I tried a couple more and they didn't lose the customizations that I did.
digg story
2 comments:
It doesn't actually replace the file. It may modify it, though even in mine, I can't see the difference (and I have modified mine for Kerberos and AllowUsers directives).
Yea, I'm noticing that now on other machines (see correction above).
Post a Comment