SPECS: openssh-blacklist.spec (NEW) - default blacklist for known bad publi...
jajcus
jajcus at pld-linux.org
Tue May 20 15:42:15 CEST 2008
Author: jajcus Date: Tue May 20 13:42:15 2008 GMT
Module: SPECS Tag: HEAD
---- Log message:
- default blacklist for known bad public SSH keys (generated using the broken Debian openssl)
---- Files affected:
SPECS:
openssh-blacklist.spec (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SPECS/openssh-blacklist.spec
diff -u /dev/null SPECS/openssh-blacklist.spec:1.1
--- /dev/null Tue May 20 15:42:15 2008
+++ SPECS/openssh-blacklist.spec Tue May 20 15:42:09 2008
@@ -0,0 +1,51 @@
+# $Revision$, $Date$
+#
+Summary: List of blacklisted OpenSSH RSA and DSA keys
+Name: openssh-blacklist
+Version: 0.2.1
+Release: 1
+License: GPLv3
+Group: Applications
+Source0: http://ftp.debian.org/debian/pool/main/o/openssh-blacklist/%{name}_%{version}.tar.gz
+# Source0-md5: 726869883bff9953537b2a07bbfef3c8
+Suggests: openssh >= 2:5.0p1-5
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+Contains a set of default SSH keys that were known to have been
+generated by Debian machines during the time when the Debian OpenSSL
+package had a broken Random Number Generator.
+
+%prep
+%setup -q
+
+%build
+mkdir tmp
+
+for i in `ls [RD]SA-* | cut -d. -f1 | sort -u`; do
+ cat debian/blacklist.prefix > tmp/blacklist.$i
+ cat $i.* | cut -b13- | sort >> tmp/blacklist.$i
+done
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/ssh
+install tmp/blacklist.* $RPM_BUILD_ROOT%{_sysconfdir}/ssh
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%doc README debian/README.Debian debian/copyright
+%{_sysconfdir}/ssh/blacklist.*
+
+%define date %(echo `LC_ALL="C" date +"%a %b %d %Y"`)
+%changelog
+* %{date} PLD Team <feedback at pld-linux.org>
+All persons listed below can be reached at <cvs_login>@pld-linux.org
+
+$Log$
+Revision 1.1 2008-05-20 13:42:09 jajcus
+- default blacklist for known bad public SSH keys (generated using the broken Debian openssl)
+
================================================================
More information about the pld-cvs-commit
mailing list