04:25 tmclaugh 

- expire port: Long out of date with multiple security issues.
  (Don't worry, openssh-portable is still there.)

18:53 dinoex 

FreeBSD specifc security fix for:
ChallengeResponseAuthentication yes

04:50 dinoex 

Defaults changed: (Gregory Sutter)
 ChallengeResponseAuthentication no
 UseLogin no

SSH_PRIVSEP_USER=sshd, distributioin patch set it to nobodyh. (Jan Srzednicki)

#undef USE_PIPES, problems with ppp over ssh. (Kugimoto Takeshi)

fix missing includes for "canohost.h"

17:32 dinoex 

Update to openssh-3.4
Update to openssh-3.4p1

22:57 dinoex 

Enable privilege separation as default,
create user and home if it not exists.

21:13 dinoex 

Merge PAM-changes from openssh currrent
Fix build with SKEY=yes, pr# 36119
Cleanup pw_expire handling.
Add missing includes
Changes defaults to: PermitRootLogin=no, UsePrivilegeSeparation=no
Use $PREFIX/etc/ssh for config, updating manpages too.

07:28 dinoex 

Update to OpenSSH 3.2.3

- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq

Update to OpenSSH-portable-3.2.3p1

- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.

If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080

Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC

19:36 dinoex 

Merge patches from -stable with USE_PAM and HAVE_LOGIN_CAP
Bump PORTREVISION

PR:             35904