From owner-svn-soc-all@FreeBSD.ORG  Wed May 27 12:49:53 2015
Return-Path: <owner-svn-soc-all@FreeBSD.ORG>
Delivered-To: svn-soc-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id AA2BD56C
 for <svn-soc-all@FreeBSD.org>; Wed, 27 May 2015 12:49:53 +0000 (UTC)
 (envelope-from stefano@FreeBSD.org)
Received: from socsvn.freebsd.org (socsvn.freebsd.org
 [IPv6:2001:1900:2254:206a::50:2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 8BA81753
 for <svn-soc-all@FreeBSD.org>; Wed, 27 May 2015 12:49:53 +0000 (UTC)
 (envelope-from stefano@FreeBSD.org)
Received: from socsvn.freebsd.org ([127.0.1.124])
 by socsvn.freebsd.org (8.14.9/8.14.9) with ESMTP id t4RCnrta011490
 for <svn-soc-all@FreeBSD.org>; Wed, 27 May 2015 12:49:53 GMT
 (envelope-from stefano@FreeBSD.org)
Received: (from www@localhost)
 by socsvn.freebsd.org (8.14.9/8.14.9/Submit) id t4RCnqoW011485
 for svn-soc-all@FreeBSD.org; Wed, 27 May 2015 12:49:52 GMT
 (envelope-from stefano@FreeBSD.org)
Date: Wed, 27 May 2015 12:49:52 GMT
Message-Id: <201505271249.t4RCnqoW011485@socsvn.freebsd.org>
X-Authentication-Warning: socsvn.freebsd.org: www set sender to
 stefano@FreeBSD.org using -f
From: stefano@FreeBSD.org
To: svn-soc-all@FreeBSD.org
Subject: socsvn commit: r286227 - in
 soc2015/stefano/picobsd/head/release/picobsd: build floppy.tree/etc
 floppy.tree/etc/ssh
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-soc-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the entire Summer of Code repository
 <svn-soc-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-soc-all/>
List-Post: <mailto:svn-soc-all@freebsd.org>
List-Help: <mailto:svn-soc-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-soc-all>,
 <mailto:svn-soc-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 May 2015 12:49:53 -0000

Author: stefano
Date: Wed May 27 12:49:51 2015
New Revision: 286227
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=286227

Log:
  picobsd: fix sshd
  
  add ecdsa keys
  move keys in /etc/ssh/
  change sshd_config file
  

Modified:
  soc2015/stefano/picobsd/head/release/picobsd/build/picobsd
  soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/rc1
  soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/ssh/sshd_config

Modified: soc2015/stefano/picobsd/head/release/picobsd/build/picobsd
==============================================================================
--- soc2015/stefano/picobsd/head/release/picobsd/build/picobsd	Wed May 27 12:44:13 2015	(r286226)
+++ soc2015/stefano/picobsd/head/release/picobsd/build/picobsd	Wed May 27 12:49:51 2015	(r286227)
@@ -670,7 +670,7 @@
     ) || fail $? crunch
 
     log "Setting up host key for sshd:"
-    for K in rsa1 rsa dsa ; do
+    for K in rsa1 rsa dsa ecdsa; do
 	if [ $K = rsa1 ] ; then
 	    i=ssh_host_key
 	else

Modified: soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/rc1
==============================================================================
--- soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/rc1	Wed May 27 12:44:13 2015	(r286226)
+++ soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/rc1	Wed May 27 12:49:51 2015	(r286227)
@@ -54,8 +54,9 @@
 
 if [ "${sshd_enable}" = "YES" -a -f /usr/sbin/sshd ] ; then
 	echo "Starting sshd..."
-	chmod 600 /etc/ssh_host*key
-	/usr/sbin/sshd -f /etc/sshd_config
+	mv /etc/ssh_host* /etc/ssh/
+	chmod 600 /etc/ssh/*
+	/usr/sbin/sshd -f /etc/ssh/sshd_config
 fi
 
 echo ''

Modified: soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/ssh/sshd_config
==============================================================================
--- soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/ssh/sshd_config	Wed May 27 12:44:13 2015	(r286226)
+++ soc2015/stefano/picobsd/head/release/picobsd/floppy.tree/etc/ssh/sshd_config	Wed May 27 12:49:51 2015	(r286227)
@@ -1,25 +1,27 @@
 # $FreeBSD$
 # minimal config for sshd on picobsd
-Port 22
-ListenAddress 0.0.0.0
-HostKey  /etc/ssh_host_key
-#RandomSeed /etc/ssh_random_seed
-ServerKeyBits 768
-LoginGraceTime 600
-KeyRegenerationInterval 3600
-PermitRootLogin yes
-IgnoreRhosts no
-StrictModes yes
-X11Forwarding no
-X11DisplayOffset 10
-PrintMotd yes
-KeepAlive yes
-SyslogFacility AUTH
-RhostsRSAAuthentication yes
-RSAAuthentication yes
+UsePAM no
 PasswordAuthentication yes
-PermitEmptyPasswords no
-UseLogin no
+PermitRootLogin yes
+#Port 22
+#ListenAddress 0.0.0.0
+#HostKey  /etc/ssh_host_key
+#RandomSeed /etc/ssh_random_seed
+#ServerKeyBits 768
+#LoginGraceTime 600
+#KeyRegenerationInterval 3600
+#IgnoreRhosts no
+#StrictModes yes
+#X11Forwarding no
+#X11DisplayOffset 10
+#PrintMotd yes
+#KeepAlive yes
+#SyslogFacility AUTH
+#RhostsRSAAuthentication yes
+#RSAAuthentication yes
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+#UseLogin no
 # CheckMail no
 # PidFile /u/zappa/.ssh/pid
 # AllowHosts *.our.com friend.other.com