119 lines
4.7 KiB
Diff
119 lines
4.7 KiB
Diff
diff -rupN openssh.orig/configure.ac openssh/configure.ac
|
|
--- openssh.orig/configure.ac 2022-02-26 19:58:30.546051700 -0500
|
|
+++ openssh/configure.ac 2022-02-26 19:59:22.049729742 -0500
|
|
@@ -5185,6 +5185,19 @@ AC_ARG_WITH([superuser-path],
|
|
)
|
|
|
|
|
|
+# Set keydir
|
|
+AC_ARG_WITH([keydir],
|
|
+ [ --with-keydir= Specify different path for storing keys],
|
|
+ [
|
|
+ if test -n "$withval" && test "x$withval" != "xno" && \
|
|
+ test "x${withval}" != "xyes"; then
|
|
+ KEYDIR=$withval
|
|
+ fi
|
|
+ ]
|
|
+)
|
|
+AC_SUBST([KEYDIR])
|
|
+
|
|
+
|
|
AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
|
|
IPV4_IN6_HACK_MSG="no"
|
|
AC_ARG_WITH(4in6,
|
|
@@ -5565,6 +5578,7 @@ G=`eval echo ${piddir}` ; G=`eval echo $
|
|
H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
|
|
I=`eval echo ${user_path}` ; I=`eval echo ${I}`
|
|
J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
|
|
+K=`eval echo ${KEYDIR}` ; K=`eval echo ${K}`
|
|
|
|
echo ""
|
|
echo "OpenSSH has been configured with the following options:"
|
|
@@ -5588,6 +5602,9 @@ fi
|
|
if test ! -z "$superuser_path" ; then
|
|
echo " sshd superuser user PATH: $J"
|
|
fi
|
|
+if test ! -z "$KEYDIR" ; then
|
|
+echo " sshd keydir: $K"
|
|
+fi
|
|
echo " Manpage format: $MANTYPE"
|
|
echo " PAM support: $PAM_MSG"
|
|
echo " OSF SIA support: $SIA_MSG"
|
|
diff -rupN openssh.orig/Makefile.in openssh/Makefile.in
|
|
--- openssh.orig/Makefile.in 2022-02-26 19:58:30.542051725 -0500
|
|
+++ openssh/Makefile.in 2022-02-26 20:00:16.313389959 -0500
|
|
@@ -31,9 +31,11 @@ PRIVSEP_PATH=@PRIVSEP_PATH@
|
|
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
|
|
STRIP_OPT=@STRIP_OPT@
|
|
TEST_SHELL=@TEST_SHELL@
|
|
+KEYDIR=@KEYDIR@
|
|
BUILDDIR=@abs_top_builddir@
|
|
|
|
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
|
|
+ -DKEYDIR=\"$(KEYDIR)\" \
|
|
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
|
|
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
|
|
-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
|
|
@@ -168,11 +170,11 @@ PATHSUBS = \
|
|
-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
|
|
-e 's|/usr/libexec|$(libexecdir)|g' \
|
|
-e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \
|
|
- -e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \
|
|
- -e 's|/etc/ssh/ssh_host_ecdsa_key|$(sysconfdir)/ssh_host_ecdsa_key|g' \
|
|
- -e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \
|
|
- -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \
|
|
- -e 's|/etc/ssh/ssh_host_ed25519_key|$(sysconfdir)/ssh_host_ed25519_key|g' \
|
|
+ -e 's|/etc/ssh/ssh_host_key|$(KEYDIR)/ssh_host_key|g' \
|
|
+ -e 's|/etc/ssh/ssh_host_ecdsa_key|$(KEYDIR)/ssh_host_ecdsa_key|g' \
|
|
+ -e 's|/etc/ssh/ssh_host_dsa_key|$(KEYDIR)/ssh_host_dsa_key|g' \
|
|
+ -e 's|/etc/ssh/ssh_host_rsa_key|$(KEYDIR)/ssh_host_rsa_key|g' \
|
|
+ -e 's|/etc/ssh/ssh_host_ed25519_key|$(KEYDIR)/ssh_host_ed25519_key|g' \
|
|
-e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \
|
|
-e 's|/etc/moduli|$(sysconfdir)/moduli|g' \
|
|
-e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \
|
|
Binary files openssh.orig/.Makefile.in.rej.swp and openssh/.Makefile.in.rej.swp differ
|
|
diff -rupN openssh.orig/pathnames.h openssh/pathnames.h
|
|
--- openssh.orig/pathnames.h 2022-02-26 19:58:30.550051674 -0500
|
|
+++ openssh/pathnames.h 2022-02-26 19:59:22.049729742 -0500
|
|
@@ -18,6 +18,10 @@
|
|
#define SSHDIR ETCDIR "/ssh"
|
|
#endif
|
|
|
|
+#ifndef KEYDIR
|
|
+#define KEYDIR SSHDIR
|
|
+#endif
|
|
+
|
|
#ifndef _PATH_SSH_PIDDIR
|
|
#define _PATH_SSH_PIDDIR "/var/run"
|
|
#endif
|
|
@@ -26,9 +30,9 @@
|
|
* System-wide file containing host keys of known hosts. This file should be
|
|
* world-readable.
|
|
*/
|
|
-#define _PATH_SSH_SYSTEM_HOSTFILE SSHDIR "/ssh_known_hosts"
|
|
+#define _PATH_SSH_SYSTEM_HOSTFILE KEYDIR "/ssh_known_hosts"
|
|
/* backward compat for protocol 2 */
|
|
-#define _PATH_SSH_SYSTEM_HOSTFILE2 SSHDIR "/ssh_known_hosts2"
|
|
+#define _PATH_SSH_SYSTEM_HOSTFILE2 KEYDIR "/ssh_known_hosts2"
|
|
|
|
/*
|
|
* Of these, ssh_host_key must be readable only by root, whereas ssh_config
|
|
@@ -36,12 +40,12 @@
|
|
*/
|
|
#define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config"
|
|
#define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config"
|
|
-#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
|
|
-#define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key"
|
|
-#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"
|
|
-#define _PATH_HOST_XMSS_KEY_FILE SSHDIR "/ssh_host_xmss_key"
|
|
-#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
|
|
-#define _PATH_DH_MODULI SSHDIR "/moduli"
|
|
+#define _PATH_HOST_DSA_KEY_FILE KEYDIR "/ssh_host_dsa_key"
|
|
+#define _PATH_HOST_ECDSA_KEY_FILE KEYDIR "/ssh_host_ecdsa_key"
|
|
+#define _PATH_HOST_ED25519_KEY_FILE KEYDIR "/ssh_host_ed25519_key"
|
|
+#define _PATH_HOST_XMSS_KEY_FILE KEYDIR "/ssh_host_xmss_key"
|
|
+#define _PATH_HOST_RSA_KEY_FILE KEYDIR "/ssh_host_rsa_key"
|
|
+#define _PATH_DH_MODULI KEYDIR "/moduli"
|
|
|
|
#ifndef _PATH_SSH_PROGRAM
|
|
#define _PATH_SSH_PROGRAM "/usr/bin/ssh"
|