Subversion Repositories lsh

Compare Revisions

Ignore whitespace Rev 88 → Rev 89

/tags/2.0.4-dfsg-8/debian/control
0,0 → 1,88
Source: lsh-utils
Section: net
Priority: extra
Maintainer: Magnus Holmgren <holmgren@debian.org>
Uploaders: Stefan Pfetzing <dreamind@dreamind.de>
Standards-Version: 3.9.1
Build-Depends: debhelper (>= 7), dh-autoreconf, automake,
libgmp10-dev, zlib1g-dev | libz-dev, liboop-dev, libxau-dev, nettle-dev (>= 2.1~), nettle-bin,
texinfo (>= 4.2), guile-1.6 | scsh-0.6, heimdal-dev, libwrap0-dev | libwrap-dev,
libpam0g-dev | libpam-dev, libreadline-dev, m4
Homepage: http://www.lysator.liu.se/~nisse/lsh/
 
Package: lsh-utils
Architecture: any
Depends: nettle-bin (>= 2.0-2), ${shlibs:Depends}, ${misc:Depends}
Recommends: openssh-blacklist, openssh-blacklist-extra
Suggests: lsh-server, lsh-client, lsh-doc
Description: Secure Shell v2 (SSH2) protocol utilities
lsh is GNU GPL'd implementation of the Secure Shell protocol version
2 (SSH2). The SSH (Secure SHell) protocol is a secure replacement for
rlogin, rsh and rcp.
.
This package contains the lsh utilities. This includes programs such
as lsh-keygen, lsh-writekey (both programs for public/private key
generation), lsh-authorize (for automatic remote key authentication),
ssh-conv (utilities for converting between various public & private
key formats), and a number of other utilities for use with both the
lsh server and client.
.
In some countries it may be illegal to use any encryption at all
without a special permit.
 
Package: lsh-server
Architecture: any
Provides: ssh-server
Depends: lsh-utils (= ${binary:Version}), openssh-blacklist,
${shlibs:Depends}, ${misc:Depends}
Recommends: openssh-blacklist-extra
Suggests: lsh-client | openssh-client, lsh-doc
Description: Secure Shell v2 (SSH2) protocol server
lsh is GNU GPL'd implementation of the Secure Shell
protocol version 2 (SSH2). The SSH (Secure SHell) protocol
is a secure replacement for rlogin, rsh and rcp.
.
This package contains the lsh server, lshd. This package is required
to allow SSH2 logins to the local machine.
.
In some countries it may be illegal to use any encryption
at all without a special permit.
 
Package: lsh-client
Architecture: any
Depends: nettle-bin, lsh-utils (= ${binary:Version}),
${shlibs:Depends}, ${misc:Depends}
Breaks: lsh-utils (<< 2.0.4-dfsg-1)
Replaces: lsh-utils (<< 2.0.4-dfsg-1)
Suggests: lsh-doc
Description: Secure Shell v2 (SSH2) protocol client
lsh is GNU GPL'd implementation of the Secure Shell
protocol version 2 (SSH2). The SSH (Secure SHell) protocol
is a secure replacement for rlogin, rsh and rcp.
.
This package contains the lsh client used to log in to a remote lsh
or ssh2 server.
.
In some countries it may be illegal to use any encryption
at all without a special permit.
 
Package: lsh-doc
Architecture: all
Section: doc
Depends: dpkg (>= 1.15.4) | install-info, ${misc:Depends}
Suggests: lsh-utils, lsh-server, lsh-client
Conflicts: lsh-utils (<< 1.0.2-3)
Breaks: lsh-utils-doc (<< 2.0.4-dfsg-1)
Replaces: lsh-utils-doc (<< 2.0.4-dfsg-1)
Description: Secure Shell v2 (SSH2) client / server / utilities documentation
lsh is GNU GPL'd implementation of the Secure Shell
protocol version 2 (SSH2). The SSH (Secure SHell) protocol
is a secure replacement for rlogin, rsh and rcp.
.
This package contains the lsh documentation, including info
pages, manpages about the various protocols which lsh uses,
as well as various documents about lsh internals, protocols
and general lsh development.
.
In some countries it may be illegal to use any encryption
at all without a special permit.
/tags/2.0.4-dfsg-8/debian/compat
0,0 → 1,0
7
/tags/2.0.4-dfsg-8/debian/patches/better-errmsg-when-dotlsh-missing.patch
0,0 → 1,33
Author: Magnus Holmgren <holmgren@debian.org>
Description: Show the intended error message when no seed file exists
(instead of one about a locking error)
 
diff -urNad trunk~/src/unix_random.c trunk/src/unix_random.c
--- trunk~/src/unix_random.c 2006-01-23 18:47:10.000000000 +0100
+++ trunk/src/unix_random.c 2008-06-24 22:29:29.000000000 +0200
@@ -353,6 +353,15 @@
yarrow256_init(&self->yarrow, RANDOM_NSOURCES, self->sources);
+ if (access(lsh_get_cstring(seed_file_name), F_OK) < 0)
+ {
+ werror("No seed file. Please create one by running\n");
+ werror("lsh-make-seed -o \"%S\".\n", seed_file_name);
+
+ KILL(self);
+ return NULL;
+ }
+
verbose("Reading seed-file `%S'\n", seed_file_name);
self->lock
@@ -374,8 +383,7 @@
self->seed_file_fd = open(lsh_get_cstring(seed_file_name), O_RDWR);
if (self->seed_file_fd < 0)
{
- werror("No seed file. Please create one by running\n");
- werror("lsh-make-seed -o \"%S\".\n", seed_file_name);
+ werror("Could not open seed file \"%S\".\n", seed_file_name);
KILL_RESOURCE(lock);
KILL(self);
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/patches/terminate-on-connection-failure.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/terminate-on-connection-failure.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/terminate-on-connection-failure.patch (revision 89)
@@ -0,0 +1,16 @@
+Author: Magnus Holmgren <holmgren@debian.org>
+Description: Call exit() in lsh's default exception handler on EXC_IO_CONNECT
+ Otherwise lsh won't terminate.
+
+diff -urNad trunk~/src/lsh.c trunk/src/lsh.c
+--- trunk~/src/lsh.c 2005-03-16 21:06:23.000000000 +0100
++++ trunk/src/lsh.c 2010-01-09 22:32:51.000000000 +0100
+@@ -959,6 +959,8 @@
+ *self->status = EXIT_FAILURE;
+
+ werror("%z, (errno = %i)\n", e->msg, exc->error);
++ if (e->type == EXC_IO_CONNECT)
++ exit(*self->status);
+ }
+ else
+ switch(e->type)
/2.0.4-dfsg-8/debian/patches/terminate-on-connection-failure.patch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/patches/blacklist.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/blacklist.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/blacklist.patch (revision 89)
@@ -0,0 +1,382 @@
+Author: Magnus Holmgren <holmgren@debian.org>
+Description: Check keys against openssh-blacklist
+ Check keys before accepting for pubkey authentication as well as on conversion
+ by lsh-writekey and lsh-decode-key.
+ .
+ blacklist.c code copied from the openssh package and adapted for LSH.
+
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -69,7 +69,8 @@ liblsh_a_SOURCES = abstract_io.c abstrac
+ unix_interact.c unix_process.c unix_random.c unix_user.c \
+ userauth.c \
+ werror.c write_buffer.c write_packet.c \
+- xalloc.c xauth.c zlib.c
++ xalloc.c xauth.c zlib.c \
++ blacklist.c
+
+ liblsh_a_LIBADD = @LIBOBJS@
+
+--- a/src/abstract_crypto.h
++++ b/src/abstract_crypto.h
+@@ -162,7 +162,9 @@ MAC_DIGEST((instance), lsh_string_alloc(
+ (public_key method (string))
+
+ ; Returns (public-key (<pub-sig-alg-id> <s-expr>*))
+- (public_spki_key method (string) "int transport")))
++ (public_spki_key method (string) "int transport")
++
++ (key_size method uint32_t)))
+ */
+
+ #define VERIFY(verifier, algorithm, length, data, slength, sdata) \
+@@ -170,7 +172,7 @@ MAC_DIGEST((instance), lsh_string_alloc(
+
+ #define PUBLIC_KEY(verifier) ((verifier)->public_key((verifier)))
+ #define PUBLIC_SPKI_KEY(verifier, t) ((verifier)->public_spki_key((verifier), (t)))
+-
++#define KEY_SIZE(verifier) ((verifier)->key_size((verifier)))
+
+ /* GABA:
+ (class
+--- a/src/abstract_crypto.h.x
++++ b/src/abstract_crypto.h.x
+@@ -161,6 +161,7 @@ struct verifier
+ int (*(verify))(struct verifier *self,int algorithm,uint32_t length,const uint8_t *data,uint32_t signature_length,const uint8_t *signature_data);
+ struct lsh_string *(*(public_key))(struct verifier *self);
+ struct lsh_string *(*(public_spki_key))(struct verifier *self,int transport);
++ uint32_t *(*(key_size))(struct verifier *self);
+ };
+ extern struct lsh_class verifier_class;
+ #endif /* !GABA_DEFINE */
+--- /dev/null
++++ b/src/blacklist.c
+@@ -0,0 +1,152 @@
++#if HAVE_CONFIG_H
++#include "config.h"
++#endif
++
++#include <assert.h>
++
++#include "atoms.h"
++#include "format.h"
++#include "lsh_string.h"
++#include "werror.h"
++#include "crypto.h"
++
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <unistd.h>
++#include <fcntl.h>
++#include <string.h>
++
++int blacklisted_key(struct verifier *v, int method);
++
++/* Scan a blacklist of known-vulnerable keys in blacklist_file. */
++static int
++blacklisted_key_in_file(struct lsh_string *lsh_hash, struct lsh_string *blacklist_file)
++{
++ int fd = -1;
++ const char *hash = 0;
++ uint32_t line_len;
++ struct stat st;
++ char buf[256];
++ off_t start, lower, upper;
++ int ret = 0;
++
++ debug("Checking blacklist file %S\n", blacklist_file);
++ fd = open(lsh_get_cstring(blacklist_file), O_RDONLY);
++ if (fd < 0) {
++ ret = -1;
++ goto out;
++ }
++
++ hash = lsh_get_cstring(lsh_hash) + 12;
++ line_len = strlen(hash);
++ if (line_len != 20)
++ goto out;
++
++ /* Skip leading comments */
++ start = 0;
++ for (;;) {
++ ssize_t r;
++ char *newline;
++
++ r = read(fd, buf, sizeof(buf));
++ if (r <= 0)
++ goto out;
++ if (buf[0] != '#')
++ break;
++
++ newline = memchr(buf, '\n', sizeof(buf));
++ if (!newline)
++ goto out;
++ start += newline + 1 - buf;
++ if (lseek(fd, start, SEEK_SET) < 0)
++ goto out;
++ }
++
++ /* Initialise binary search record numbers */
++ if (fstat(fd, &st) < 0)
++ goto out;
++ lower = 0;
++ upper = (st.st_size - start) / (line_len + 1);
++
++ while (lower != upper) {
++ off_t cur;
++ int cmp;
++
++ cur = lower + (upper - lower) / 2;
++
++ /* Read this line and compare to digest; this is
++ * overflow-safe since cur < max(off_t) / (line_len + 1) */
++ if (lseek(fd, start + cur * (line_len + 1), SEEK_SET) < 0)
++ break;
++ if (read(fd, buf, line_len) != line_len)
++ break;
++ cmp = memcmp(buf, hash, line_len);
++ if (cmp < 0) {
++ if (cur == lower)
++ break;
++ lower = cur;
++ } else if (cmp > 0) {
++ if (cur == upper)
++ break;
++ upper = cur;
++ } else {
++ ret = 1;
++ break;
++ }
++ }
++
++out:
++ if (fd >= 0)
++ close(fd);
++ return ret;
++}
++
++/*
++ * Scan blacklists of known-vulnerable keys. If a vulnerable key is found,
++ * its fingerprint is returned in *fp, unless fp is NULL.
++ */
++int
++blacklisted_key(struct verifier *v, int method)
++{
++ const char *keytype;
++ int ret = -1;
++ const char *paths[] = { "/usr/share/ssh/blacklist", "/etc/ssh/blacklist", NULL };
++ const char **pp;
++ struct lsh_string *lsh_hash = ssh_format("%lfxS",
++ hash_string(&crypto_md5_algorithm,
++ PUBLIC_KEY(v), 1));
++ uint32_t keysize = KEY_SIZE(v);
++
++ switch (method)
++ {
++ case ATOM_SSH_DSS:
++ case ATOM_DSA:
++ keytype = "DSA";
++ break;
++ case ATOM_SSH_RSA:
++ case ATOM_RSA_PKCS1_SHA1:
++ case ATOM_RSA_PKCS1_MD5:
++ case ATOM_RSA_PKCS1:
++ keytype = "RSA";
++ break;
++ default:
++ werror("Unrecognized key type");
++ return -1;
++ }
++
++ for (pp = paths; *pp && ret <= 0; pp++) {
++ struct lsh_string *blacklist_file = ssh_format("%lz.%lz-%di",
++ *pp, keytype, keysize);
++ int r = blacklisted_key_in_file(lsh_hash, blacklist_file);
++ lsh_string_free(blacklist_file);
++ if (r > ret) ret = r;
++ }
++
++ if (ret > 0) {
++ werror("Key is compromised: %z %i %fS\n", keytype, keysize,
++ lsh_string_colonize(lsh_hash, 2, 0));
++ } else if (ret < 0) {
++ verbose("No blacklist for key type %z size %i", keytype, keysize);
++ }
++ return ret;
++}
+--- a/src/dsa.c
++++ b/src/dsa.c
+@@ -189,6 +189,14 @@ do_dsa_public_spki_key(struct verifier *
+ "y", self->key.y);
+ }
+
++static uint32_t
++do_dsa_key_size(struct verifier *v)
++{
++ CAST(dsa_verifier, self, v);
++
++ return mpz_sizeinbase(self->key.p, 2);
++}
++
+ static void
+ init_dsa_verifier(struct dsa_verifier *self)
+ {
+@@ -199,6 +207,7 @@ init_dsa_verifier(struct dsa_verifier *s
+ self->super.verify = do_dsa_verify;
+ self->super.public_spki_key = do_dsa_public_spki_key;
+ self->super.public_key = do_dsa_public_key;
++ self->super.key_size = do_dsa_key_size;
+ }
+
+
+--- a/src/lsh-decode-key.c
++++ b/src/lsh-decode-key.c
+@@ -133,6 +133,10 @@ lsh_decode_key(struct lsh_string *conten
+ werror("Invalid dsa key.\n");
+ return NULL;
+ }
++ else if (blacklisted_key(v, type) > 0)
++ {
++ return NULL;
++ }
+ else
+ return PUBLIC_SPKI_KEY(v, 1);
+ }
+@@ -150,6 +154,10 @@ lsh_decode_key(struct lsh_string *conten
+ werror("Invalid rsa key.\n");
+ return NULL;
+ }
++ else if (blacklisted_key(v, type) > 0)
++ {
++ return NULL;
++ }
+ else
+ return PUBLIC_SPKI_KEY(v, 1);
+ }
+--- a/src/lsh-writekey.c
++++ b/src/lsh-writekey.c
+@@ -397,14 +397,18 @@ process_public(const struct lsh_string *
+ {
+ struct signer *s;
+ struct verifier *v;
++ int algorithm_name;
+
+- s = spki_make_signer(options->signature_algorithms, key, NULL);
++ s = spki_make_signer(options->signature_algorithms, key, &algorithm_name);
+
+ if (!s)
+ return NULL;
+
+ v = SIGNER_GET_VERIFIER(s);
+ assert(v);
++ if (blacklisted_key(v, algorithm_name) > 0) {
++ return NULL;
++ }
+
+ return PUBLIC_SPKI_KEY(v, 1);
+ }
+@@ -416,7 +420,8 @@ main(int argc, char **argv)
+ int private_fd;
+ int public_fd;
+ struct lsh_string *input;
+- struct lsh_string *output;
++ struct lsh_string *priv_output;
++ struct lsh_string *pub_output;
+ const struct exception *e;
+
+ argp_parse(&main_argp, argc, argv, 0, NULL, options);
+@@ -439,16 +444,22 @@ main(int argc, char **argv)
+ return EXIT_FAILURE;
+ }
+
+- output = process_private(input, options);
+- if (!output)
++ pub_output = process_public(input, options);
++ if (!pub_output)
++ return EXIT_FAILURE;
++
++ priv_output = process_private(input, options);
++ if (!priv_output)
+ return EXIT_FAILURE;
+
++ lsh_string_free(input);
++
+ private_fd = open_file(options->private_file);
+ if (private_fd < 0)
+ return EXIT_FAILURE;
+
+- e = write_raw(private_fd, STRING_LD(output));
+- lsh_string_free(output);
++ e = write_raw(private_fd, STRING_LD(priv_output));
++ lsh_string_free(priv_output);
+
+ if (e)
+ {
+@@ -457,18 +468,12 @@ main(int argc, char **argv)
+ return EXIT_FAILURE;
+ }
+
+- output = process_public(input, options);
+- lsh_string_free(input);
+-
+- if (!output)
+- return EXIT_FAILURE;
+-
+ public_fd = open_file(options->public_file);
+ if (public_fd < 0)
+ return EXIT_FAILURE;
+
+- e = write_raw(public_fd, STRING_LD(output));
+- lsh_string_free(output);
++ e = write_raw(public_fd, STRING_LD(pub_output));
++ lsh_string_free(pub_output);
+
+ if (e)
+ {
+--- a/src/publickey_crypto.h
++++ b/src/publickey_crypto.h
+@@ -203,5 +203,7 @@ parse_ssh_dss_public(struct simple_buffe
+ struct verifier *
+ make_ssh_dss_verifier(const struct lsh_string *public);
+
++int
++blacklisted_key(struct verifier *v, int method);
+
+ #endif /* LSH_PUBLICKEY_CRYPTO_H_INCLUDED */
+--- a/src/rsa.c
++++ b/src/rsa.c
+@@ -167,6 +167,14 @@ do_rsa_public_spki_key(struct verifier *
+ self->key.n, self->key.e);
+ }
+
++static uint32_t
++do_rsa_key_size(struct verifier *v)
++{
++ CAST(rsa_verifier, self, v);
++
++ return mpz_sizeinbase(self->key.n, 2);
++}
++
+
+ /* NOTE: To initialize an rsa verifier, one must
+ *
+@@ -184,6 +192,7 @@ init_rsa_verifier(struct rsa_verifier *s
+ self->super.verify = do_rsa_verify;
+ self->super.public_key = do_rsa_public_key;
+ self->super.public_spki_key = do_rsa_public_spki_key;
++ self->super.key_size = do_rsa_key_size;
+ }
+
+ /* Alternative constructor using a key of type ssh-rsa, when the atom
+--- a/src/server_authorization.c
++++ b/src/server_authorization.c
+@@ -93,7 +93,8 @@ do_key_lookup(struct lookup_verifier *c,
+ PUBLIC_SPKI_KEY(v, 0),
+ 1));
+
+- if (USER_FILE_EXISTS(keyholder, filename, 1))
++ if (USER_FILE_EXISTS(keyholder, filename, 1)
++ && blacklisted_key(v, method) < 1)
+ return v;
+
+ return NULL;
/2.0.4-dfsg-8/debian/patches/blacklist.patch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/patches/nettle-2.0.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/nettle-2.0.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/nettle-2.0.patch (revision 89)
@@ -0,0 +1,238 @@
+Author: Magnus Holmgren <holmgren@debian.org>
+Description: Adapt to Nettle 2.0
+
+--- a/src/crypto.c
++++ b/src/crypto.c
+@@ -71,7 +71,7 @@ do_crypt_arcfour(struct crypto_instance
+ assert(!(length % 8));
+
+ lsh_string_crypt(dst, di, src, si, length,
+- (nettle_crypt_func) arcfour_crypt, &self->ctx);
++ (nettle_crypt_func*) arcfour_crypt, &self->ctx);
+ }
+
+ static struct crypto_instance *
+@@ -114,7 +114,7 @@ do_aes_cbc_encrypt(struct crypto_instanc
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ AES_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) aes_encrypt,
++ (nettle_crypt_func*) aes_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -128,7 +128,7 @@ do_aes_cbc_decrypt(struct crypto_instanc
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ AES_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) aes_decrypt,
++ (nettle_crypt_func*) aes_decrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -185,7 +185,7 @@ do_aes_ctr_crypt(struct crypto_instance
+
+ lsh_string_ctr_crypt(dst, di, src, si, length,
+ AES_BLOCK_SIZE, self->ctx.ctr,
+- (nettle_crypt_func) aes_encrypt,
++ (nettle_crypt_func*) aes_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -227,7 +227,7 @@ do_des3_encrypt(struct crypto_instance *
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ DES3_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) des3_encrypt,
++ (nettle_crypt_func*) des3_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -241,7 +241,7 @@ do_des3_decrypt(struct crypto_instance *
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ DES3_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) des3_decrypt,
++ (nettle_crypt_func*) des3_decrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -303,7 +303,7 @@ do_cast128_encrypt(struct crypto_instanc
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ CAST128_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) cast128_encrypt,
++ (nettle_crypt_func*) cast128_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -317,7 +317,7 @@ do_cast128_decrypt(struct crypto_instanc
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ CAST128_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) cast128_decrypt,
++ (nettle_crypt_func*) cast128_decrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -363,7 +363,7 @@ do_twofish_encrypt(struct crypto_instanc
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ TWOFISH_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) twofish_encrypt,
++ (nettle_crypt_func*) twofish_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -377,7 +377,7 @@ do_twofish_decrypt(struct crypto_instanc
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ TWOFISH_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) twofish_decrypt,
++ (nettle_crypt_func*) twofish_decrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -422,7 +422,7 @@ do_blowfish_encrypt(struct crypto_instan
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ BLOWFISH_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) blowfish_encrypt,
++ (nettle_crypt_func*) blowfish_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -436,7 +436,7 @@ do_blowfish_decrypt(struct crypto_instan
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ BLOWFISH_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) blowfish_decrypt,
++ (nettle_crypt_func*) blowfish_decrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -488,7 +488,7 @@ do_serpent_encrypt(struct crypto_instanc
+
+ lsh_string_cbc_encrypt(dst, di, src, si, length,
+ SERPENT_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) serpent_encrypt,
++ (nettle_crypt_func*) serpent_encrypt,
+ &self->ctx.ctx);
+ }
+
+@@ -502,7 +502,7 @@ do_serpent_decrypt(struct crypto_instanc
+
+ lsh_string_cbc_decrypt(dst, di, src, si, length,
+ SERPENT_BLOCK_SIZE, self->ctx.iv,
+- (nettle_crypt_func) serpent_decrypt,
++ (nettle_crypt_func*) serpent_decrypt,
+ &self->ctx.ctx);
+ }
+
+--- a/src/lsh-make-seed.c
++++ b/src/lsh-make-seed.c
+@@ -1219,6 +1219,7 @@ main(int argc, char **argv)
+
+ struct yarrow256_ctx yarrow;
+ struct yarrow_source sources[NSOURCES];
++ uint8_t seed[YARROW256_SEED_FILE_SIZE];
+
+ argp_parse(&main_argp, argc, argv, 0, NULL, options);
+
+@@ -1371,7 +1372,8 @@ main(int argc, char **argv)
+ }
+ }
+
+- e = write_raw(fd, sizeof(yarrow.seed_file), yarrow.seed_file);
++ yarrow256_random(&yarrow, sizeof(seed), seed);
++ e = write_raw(fd, sizeof(seed), seed);
+
+ if (e)
+ {
+--- a/src/unix_random.c
++++ b/src/unix_random.c
+@@ -81,6 +81,7 @@ write_seed_file(struct yarrow256_ctx *ct
+ int fd)
+ {
+ const struct exception *e;
++ uint8_t seed[YARROW256_SEED_FILE_SIZE];
+
+ if (lseek(fd, 0, SEEK_SET) < 0)
+ {
+@@ -88,7 +89,8 @@ write_seed_file(struct yarrow256_ctx *ct
+ return 0;
+ }
+
+- e = write_raw(fd, YARROW256_SEED_FILE_SIZE, ctx->seed_file);
++ yarrow256_random(ctx, sizeof(seed), seed);
++ e = write_raw(fd, sizeof(seed), seed);
+
+ if (e)
+ {
+@@ -183,17 +185,19 @@ update_seed_file(struct unix_random *sel
+ {
+ struct lsh_string *s = read_seed_file(self->seed_file_fd);
+
+- write_seed_file(&self->yarrow, self->seed_file_fd);
+- KILL_RESOURCE(lock);
+-
+ /* Mix in the old seed file, it might have picked up
+ * some randomness. */
+ if (s)
+ {
++ self->yarrow.sources[RANDOM_SOURCE_NEW_SEED].next = YARROW_FAST;
+ yarrow256_update(&self->yarrow, RANDOM_SOURCE_NEW_SEED,
+ 0, STRING_LD(s));
+ lsh_string_free(s);
++ yarrow256_fast_reseed(&self->yarrow);
+ }
++
++ write_seed_file(&self->yarrow, self->seed_file_fd);
++ KILL_RESOURCE(lock);
+ }
+ }
+
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -113,7 +113,7 @@ lsh_krb_checkpw_LDADD=@KRB_LIBS@
+
+ lsh_execuv_LDADD=
+
+-LDADD = liblsh.a spki/libspki.a -lnettle @LIBARGP@
++LDADD = liblsh.a spki/libspki.a -lnettle -lhogweed @LIBARGP@
+
+ # To avoid having to link lshg with nettle, link with dummy.o.
+
+--- a/src/spki/testsuite/Makefile.am
++++ b/src/spki/testsuite/Makefile.am
+@@ -9,7 +9,7 @@ TS_ALL = $(TS_PROGS) $(TS_SH)
+
+ noinst_PROGRAMS = $(TS_PROGS)
+
+-LDADD = testutils.o ../libspki.a -lnettle
++LDADD = testutils.o ../libspki.a -lnettle -lhogweed
+
+ include .dist_cdsa
+
+--- a/src/spki/tools/Makefile.am
++++ b/src/spki/tools/Makefile.am
+@@ -6,7 +6,7 @@ noinst_PROGRAMS = spki-check-signature s
+ # that affects all programs.
+
+ LDADD = misc.o getopt.o getopt1.o \
+- ../libspki.a -lnettle
++ ../libspki.a -lnettle -lhogweed
+
+ spki_make_signature_SOURCES = spki-make-signature.c sign.c
+ spki_delegate_SOURCES = spki-delegate.c sign.c
+--- a/src/testsuite/Makefile.am
++++ b/src/testsuite/Makefile.am
+@@ -34,7 +34,7 @@ noinst_PROGRAMS = $(TS_PROGS)
+ # Workaround to get automake to keep dependencies for testutils.o
+ EXTRA_PROGRAMS = testutils
+
+-LDADD = testutils.o ../liblsh.a ../spki/libspki.a -lnettle \
++LDADD = testutils.o ../liblsh.a ../spki/libspki.a -lnettle -lhogweed \
+ $(DOTDOT_LIBARGP)
+
+ include .dist_rapid7
Index: 2.0.4-dfsg-8/debian/patches/nonettle.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/nonettle.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/nonettle.patch (revision 89)
@@ -0,0 +1,214 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -778,7 +778,6 @@ if test x$enable_ipv6 = xyes ; then
+ fi
+
+ AC_CONFIG_SUBDIRS(src/argp)
+-AC_CONFIG_SUBDIRS(src/nettle)
+ AC_CONFIG_SUBDIRS(src/spki)
+ AC_CONFIG_SUBDIRS(src/sftp)
+
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -1,15 +1,12 @@
+ # Process this file with automake to produce Makefile.in
+
+-SUBDIRS = argp rsync nettle scm sftp spki . testsuite
++SUBDIRS = argp rsync scm sftp spki . testsuite
+
+ include .dist_classes
+ include .dist_headers
+
+ BUILT_SOURCES = environ.h
+
+-# Kludge needed for finding the nettle/nettle-types.h file in the build tree
+-AM_CPPFLAGS = -I./nettle
+-
+ SCHEME = $(SCHEME_PROGRAM) -l $(srcdir)/scm/$(SCHEME_NAME)-compat.scm
+
+ EXTRA_PROGRAMS = lsh-krb-checkpw lsh-pam-checkpw srp-gen
+@@ -116,7 +113,7 @@ lsh_krb_checkpw_LDADD=@KRB_LIBS@
+
+ lsh_execuv_LDADD=
+
+-LDADD = liblsh.a spki/libspki.a nettle/libnettle.a @LIBARGP@
++LDADD = liblsh.a spki/libspki.a -lnettle @LIBARGP@
+
+ # To avoid having to link lshg with nettle, link with dummy.o.
+
+--- a/src/rsync/Makefile.am
++++ b/src/rsync/Makefile.am
+@@ -3,10 +3,6 @@
+ noinst_LIBRARIES = librsync.a
+ noinst_HEADERS = rsync.h
+
+-# Needed for finding the nettle include files in the source tree
+-# and nettle-types.h in the build tree.
+-AM_CPPFLAGS = -I$(srcdir)/.. -I../nettle
+-
+ librsync_a_SOURCES = generate.c receive.c checksum.c send.c
+
+
+--- a/src/sftp/Makefile.am
++++ b/src/sftp/Makefile.am
+@@ -1,8 +1,5 @@
+ SUBDIRS = . testsuite
+
+-# Needed for finding nettle-types.h in the build tree.
+-AM_CPPFLAGS = -I..
+-
+ AUTOMAKE_OPTIONS = foreign
+
+ bin_PROGRAMS = lsftp
+--- a/src/spki/Makefile.am
++++ b/src/spki/Makefile.am
+@@ -1,8 +1,5 @@
+ SUBDIRS = . tools testsuite
+
+-# FIXME: Create a link to nettle directory instead?
+-AM_CPPFLAGS = -I$(srcdir)/.. -I../nettle
+-
+ noinst_LIBRARIES = libspki.a
+ # libspkiincludedir = $(includedir)/nettle
+
+--- a/src/spki/testsuite/Makefile.am
++++ b/src/spki/testsuite/Makefile.am
+@@ -1,8 +1,4 @@
+
+-# FIXME: Create a link to nettle directory instead?
+-AM_CPPFLAGS = -O0 -I$(top_srcdir) -I$(top_srcdir)/.. -I../../nettle
+-AM_LDFLAGS = -L../../nettle
+-
+ TS_PROGS = principal-test date-test tag-test read-acl-test \
+ lookup-acl-test read-cert-test cdsa-reduce-test
+
+--- a/src/spki/tools/Makefile.am
++++ b/src/spki/tools/Makefile.am
+@@ -1,16 +1,12 @@
+ noinst_PROGRAMS = spki-check-signature spki-make-signature \
+ spki-delegate spki-reduce
+
+-# FIXME: Create a link to nettle directory instead?
+-AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/.. -I../../nettle
+-AM_LDFLAGS = -L.. -L../../nettle/
+-
+ # libnettle.a and libspki.a are added at the end to make sure all
+ # programs depend on it. It seems there's no DEPENDENCIES variable
+ # that affects all programs.
+
+ LDADD = misc.o getopt.o getopt1.o \
+- -lspki -lnettle ../libspki.a ../../nettle/libnettle.a
++ ../libspki.a -lnettle
+
+ spki_make_signature_SOURCES = spki-make-signature.c sign.c
+ spki_delegate_SOURCES = spki-delegate.c sign.c
+--- a/src/testsuite/Makefile.am
++++ b/src/testsuite/Makefile.am
+@@ -3,7 +3,7 @@
+ # -O0 is not recogniced on AIX
+ # AM_CFLAGS = -O0
+
+-AM_CPPFLAGS = -I$(srcdir)/.. -I.. -I../nettle
++AM_CPPFLAGS = -I$(srcdir)/..
+
+ TS_PROGS = arcfour-test aes-test blowfish-test cast128-test \
+ des-test \
+@@ -34,7 +34,7 @@ noinst_PROGRAMS = $(TS_PROGS)
+ # Workaround to get automake to keep dependencies for testutils.o
+ EXTRA_PROGRAMS = testutils
+
+-LDADD = testutils.o ../liblsh.a ../spki/libspki.a ../nettle/libnettle.a \
++LDADD = testutils.o ../liblsh.a ../spki/libspki.a -lnettle \
+ $(DOTDOT_LIBARGP)
+
+ include .dist_rapid7
+@@ -59,6 +59,6 @@ all:
+
+ # sexp-conv may be dynamically linked
+ check: $(TS_ALL)
+- LD_LIBRARY_PATH="`pwd`/../nettle/.lib" srcdir=$(srcdir) \
++ srcdir=$(srcdir) \
+ $(srcdir)/run-tests $(TS_ALL)
+
+--- a/src/spki/testsuite/check-signature-test
++++ b/src/spki/testsuite/check-signature-test
+@@ -1,7 +1,7 @@
+ #! /bin/sh
+
+ conv () {
+- echo "$1" | ../../nettle/tools/sexp-conv -s transport | tee test.in
++ echo "$1" | sexp-conv -s transport | tee test.in
+ }
+
+ die () {
+--- a/src/spki/testsuite/delegate-test
++++ b/src/spki/testsuite/delegate-test
+@@ -1,7 +1,7 @@
+ #! /bin/sh
+
+ conv () {
+- ../../nettle/tools/sexp-conv -s transport | tee test.in
++ sexp-conv -s transport | tee test.in
+ }
+
+ die () {
+@@ -12,7 +12,7 @@ die () {
+ check_sexp () {
+ file="$1"
+ shift
+- ../../nettle/tools/sexp-conv -s canonical > test.canonical || die "sexp-conv failed"
++ sexp-conv -s canonical > test.canonical || die "sexp-conv failed"
+ cmp "$file" test.canonical || die "$@"
+ }
+
+--- a/src/spki/testsuite/make-signature-test
++++ b/src/spki/testsuite/make-signature-test
+@@ -1,7 +1,7 @@
+ #! /bin/sh
+
+ conv () {
+- echo "$1" | ../../nettle/tools/sexp-conv -s transport | tee test.in
++ echo "$1" | sexp-conv -s transport | tee test.in
+ }
+
+ die () {
+@@ -10,7 +10,7 @@ die () {
+ }
+
+ echo foo | ../tools/spki-make-signature "$srcdir/key-1" \
+- | ../../nettle/tools/sexp-conv -s transport > test.in
++ | sexp-conv -s transport > test.in
+
+ echo foo | ../tools/spki-check-signature "`cat test.in`" \
+ || die "Valid signature failed"
+--- a/src/spki/testsuite/reduce-test
++++ b/src/spki/testsuite/reduce-test
+@@ -3,7 +3,7 @@
+ # Test case from Oscar Cánovas Reverte
+
+ conv () {
+- ../../nettle/tools/sexp-conv -s transport
++ sexp-conv -s transport
+ }
+
+ die () {
+@@ -14,7 +14,7 @@ die () {
+ check_sexp () {
+ file="$1"
+ shift
+- ../../nettle/tools/sexp-conv -s canonical > test.canonical || die "sexp-conv failed"
++ sexp-conv -s canonical > test.canonical || die "sexp-conv failed"
+ cmp "$file" test.canonical || die "$@"
+ }
+
+--- a/src/testsuite/functions.sh
++++ b/src/testsuite/functions.sh
+@@ -9,7 +9,7 @@ set -e
+ : ${LSH_YARROW_SEED_FILE:="$TEST_HOME/.lsh/yarrow-seed-file"}
+
+ # For lsh-authorize
+-: ${SEXP_CONV:="`pwd`/../nettle/tools/sexp-conv"}
++: ${SEXP_CONV:="sexp-conv"}
+
+ export LSH_YARROW_SEED_FILE SEXP_CONV
+
Index: 2.0.4-dfsg-8/debian/patches/nettle-2.1.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/nettle-2.1.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/nettle-2.1.patch (revision 89)
@@ -0,0 +1,133 @@
+Author: Magnus Holmgren <holmgren@debian.org>
+Description: Adapt to Nettle 2.1
+
+--- a/src/spki/verify.c
++++ b/src/spki/verify.c
+@@ -75,11 +75,11 @@ spki_verify_dsa(const uint8_t *digest,
+ dsa_signature_init(&rs);
+
+ res = (dsa_keypair_from_sexp_alist(&dsa, NULL,
+- RSA_KEYSIZE_LIMIT, &key->sexp)
++ RSA_KEYSIZE_LIMIT, DSA_SHA1_Q_BITS, &key->sexp)
+ && spki_parse_type(key)
+- && dsa_signature_from_sexp(&rs, &signature->sexp)
++ && dsa_signature_from_sexp(&rs, &signature->sexp, DSA_SHA1_Q_BITS)
+ && spki_parse_type(signature)
+- && dsa_verify_digest(&dsa, digest, &rs));
++ && dsa_sha1_verify_digest(&dsa, digest, &rs));
+
+ dsa_signature_clear(&rs);
+ dsa_public_key_clear(&dsa);
+--- a/src/dsa.c
++++ b/src/dsa.c
+@@ -118,7 +118,7 @@ do_dsa_verify(struct verifier *c, int al
+ && (atom == ATOM_SSH_DSS)
+ && parse_string(&buffer, &buf_length, &buf)
+ && !(buf_length % 2)
+- && (buf_length <= (2 * DSA_Q_OCTETS))
++ && (buf_length <= (2 * DSA_SHA1_Q_OCTETS))
+ && parse_eod(&buffer)))
+ goto fail;
+
+@@ -143,8 +143,8 @@ do_dsa_verify(struct verifier *c, int al
+ if (! (sexp_iterator_first(&i, signature_length, signature_data)
+ && sexp_iterator_enter_list(&i)
+ && sexp_iterator_assoc(&i, 2, names, values)
+- && nettle_mpz_set_sexp(sv.r, DSA_Q_BITS, &values[0])
+- && nettle_mpz_set_sexp(sv.s, DSA_Q_BITS, &values[1])) )
++ && nettle_mpz_set_sexp(sv.r, DSA_SHA1_Q_BITS, &values[0])
++ && nettle_mpz_set_sexp(sv.s, DSA_SHA1_Q_BITS, &values[1])) )
+ goto fail;
+
+ break;
+@@ -156,7 +156,7 @@ do_dsa_verify(struct verifier *c, int al
+ sha1_init(&hash);
+ sha1_update(&hash, length, msg);
+
+- res = dsa_verify(&self->key, &hash, &sv);
++ res = dsa_sha1_verify(&self->key, &hash, &sv);
+ fail:
+
+ dsa_signature_clear(&sv);
+@@ -212,7 +212,7 @@ parse_ssh_dss_public(struct simple_buffe
+
+ if (parse_bignum(buffer, res->key.p, DSA_MAX_OCTETS)
+ && (mpz_sgn(res->key.p) == 1)
+- && parse_bignum(buffer, res->key.q, DSA_Q_OCTETS)
++ && parse_bignum(buffer, res->key.q, DSA_SHA1_Q_OCTETS)
+ && (mpz_sgn(res->key.q) == 1)
+ && (mpz_cmp(res->key.q, res->key.p) < 0) /* q < p */
+ && parse_bignum(buffer, res->key.g, DSA_MAX_OCTETS)
+@@ -269,7 +269,7 @@ do_dsa_sign(struct signer *c,
+ dsa_signature_init(&sv);
+ sha1_init(&hash);
+ sha1_update(&hash, msg_length, msg);
+- dsa_sign(&self->verifier->key, &self->key,
++ dsa_sha1_sign(&self->verifier->key, &self->key,
+ self->random, lsh_random, &hash, &sv);
+
+ debug("do_dsa_sign: r = %xn, s = %xn\n", sv.r, sv.s);
+@@ -323,7 +323,7 @@ make_dsa_verifier(struct signature_algor
+ NEW(dsa_verifier, res);
+ init_dsa_verifier(res);
+
+- if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, i))
++ if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
+ return &res->super;
+
+ KILL(res);
+@@ -342,7 +342,7 @@ make_dsa_signer(struct signature_algorit
+
+ dsa_private_key_init(&res->key);
+
+- if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, i))
++ if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
+ {
+ res->random = self->random;
+ res->verifier = verifier;
+--- a/src/crypto.c
++++ b/src/crypto.c
+@@ -251,10 +251,6 @@ make_des3_cbc_instance(struct crypto_alg
+ const uint8_t *key, const uint8_t *iv)
+ {
+ NEW(des3_instance, self);
+- uint8_t pkey[DES3_KEY_SIZE];
+-
+- /* Fix odd parity */
+- des_fix_parity(DES3_KEY_SIZE, pkey, key);
+
+ self->super.block_size = DES3_BLOCK_SIZE;
+ self->super.crypt = ( (mode == CRYPTO_ENCRYPT)
+@@ -263,19 +259,13 @@ make_des3_cbc_instance(struct crypto_alg
+
+ CBC_SET_IV(&self->ctx, iv);
+
+- if (des3_set_key(&self->ctx.ctx, pkey))
++ if (des3_set_key(&self->ctx.ctx, key))
+ return(&self->super);
+-
+- switch(self->ctx.ctx.status)
++ else
+ {
+- case DES_BAD_PARITY:
+- fatal("Internal error! Bad parity in make_des3_instance.\n");
+- case DES_WEAK_KEY:
+ werror("Detected weak DES key.\n");
+ KILL(self);
+ return NULL;
+- default:
+- fatal("Internal error!\n");
+ }
+ }
+
+--- a/src/lsh-keygen.c
++++ b/src/lsh-keygen.c
+@@ -217,7 +217,7 @@ dsa_generate_key(struct randomness *r, u
+ if (dsa_generate_keypair(&public, &private,
+ r, lsh_random,
+ NULL, progress,
+- 512 + 64 * level))
++ 512 + 64 * level, DSA_SHA1_Q_BITS))
+ {
+ key =
+ lsh_string_format_sexp(0,
Index: 2.0.4-dfsg-8/debian/patches/testsuite-mini-inetd-localhost.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/testsuite-mini-inetd-localhost.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/testsuite-mini-inetd-localhost.patch (revision 89)
@@ -0,0 +1,15 @@
+Description: Tell mini-inetd to bind to 127.0.0.1 instead of "localhost".
+ When told to bind to "localhost", mini-inetd seems to bind to 255.255.255.255.
+Author: Magnus Holmgren <holmgren@debian.org>
+
+--- a/src/testsuite/functions.sh
++++ b/src/testsuite/functions.sh
+@@ -155,7 +155,7 @@ spawn_lshg () {
+ # at_connect local-port max-connections shell-command
+ at_connect () {
+ # sleep 1 # Allow some time for earlier processes to die
+- mini-inetd -m $2 -- localhost:$1 /bin/sh sh -c "$3" &
++ mini-inetd -m $2 -- 127.0.0.1:$1 /bin/sh sh -c "$3" &
+ at_exit "kill $!"
+ }
+
Index: 2.0.4-dfsg-8/debian/patches/series
===================================================================
--- 2.0.4-dfsg-8/debian/patches/series (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/series (revision 89)
@@ -0,0 +1,9 @@
+nonettle.patch
+sftp-server-mansection.patch
+better-errmsg-when-dotlsh-missing.patch
+nettle-2.0.patch
+nettle-2.1.patch
+blacklist.patch
+terminate-on-connection-failure.patch
+ipv6-v6only.patch
+testsuite-mini-inetd-localhost.patch
Index: 2.0.4-dfsg-8/debian/patches/sftp-server-mansection.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/sftp-server-mansection.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/sftp-server-mansection.patch (revision 89)
@@ -0,0 +1,16 @@
+Description: Invent manual section 8lsh for lsh's sftp-server
+ (To avoid conflicts without having to rename the sftp-server binary.)
+Author: Magnus Holmgren <holmgren@debian.org>
+
+diff -urNad trunk~/src/sftp/sftp-server.8 trunk/src/sftp/sftp-server.8
+--- trunk~/src/sftp/sftp-server.8 2006-05-08 21:11:17.000000000 +0200
++++ trunk/src/sftp/sftp-server.8 2007-10-03 20:48:35.000000000 +0200
+@@ -22,7 +22,7 @@
+ .\" maintainers of the package you received this manual from and make your
+ .\" modified versions available to them.
+ .\"
+-.TH SFTP-SERVER 8 "NOVEMBER 2004" SFTP-SERVER "Lsh Manuals"
++.TH SFTP-SERVER 8lsh "NOVEMBER 2004" SFTP-SERVER "Lsh Manuals"
+ .SH NAME
+ sftp-server - Server for the sftp subsystem
+ .SH SYNOPSIS
/2.0.4-dfsg-8/debian/patches/sftp-server-mansection.patch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/patches/ipv6-v6only.patch
===================================================================
--- 2.0.4-dfsg-8/debian/patches/ipv6-v6only.patch (nonexistent)
+++ 2.0.4-dfsg-8/debian/patches/ipv6-v6only.patch (revision 89)
@@ -0,0 +1,22 @@
+Author: Magnus Holmgren <holmgren@debian.org>
+Description: Set the IPV6_V6ONLY socket option on AF_INET6 sockets
+ Since lshd by default enumerates available address families and calls
+ bind() once for each, conflicts will occur otherwise.
+
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' trunk~/src/io.c trunk/src/io.c
+--- trunk~/src/io.c 2006-01-23 18:49:58.000000000 +0100
++++ trunk/src/io.c 2010-07-27 02:17:04.000000000 +0200
+@@ -1690,6 +1690,13 @@
+ {
+ int yes = 1;
+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char*)&yes, sizeof yes);
++#if WITH_IPV6 && defined (IPV6_V6ONLY)
++ if (local->sa_family == AF_INET6)
++ {
++ if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &yes, sizeof(yes)) < 0)
++ werror("setsockopt IPV6_V6ONLY failed: %e.\n", errno);
++ }
++#endif
+ }
+
+ if (bind(s, local, length) < 0)
/2.0.4-dfsg-8/debian/patches/ipv6-v6only.patch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/changelog
===================================================================
--- 2.0.4-dfsg-8/debian/changelog (nonexistent)
+++ 2.0.4-dfsg-8/debian/changelog (revision 89)
@@ -0,0 +1,581 @@
+lsh-utils (2.0.4-dfsg-8) unstable; urgency=low
+
+ * Change source format to 3.0 (quilt), renaming all patches
+ from *.dpatch to *.patch and dropping the numbers.
+ * While 30_nonettle.dpatch was a script that used sed to modify
+ instances of Makefile.in, nonettle.patch patches Makefile.am files as
+ well as configure.ac. dh-autoremake is used to call autoremake before
+ configure and to restore the effects in the clean target. The
+ src/nettle subdirectory still needs to be renamed to avoid its header
+ files from being found; that is now done in debian/rules.
+ * Switch from CDBS to a more old-style debian/rules to get better
+ control over the build process.
+ * Increase Debhelper compat level to 7.
+ * blacklist.patch: Don't reject when blacklisted_key() returns -1,
+ indicating no blacklist file for the key type and/or size in question
+ exists.
+ * nettle-2.1.patch (new): Build with Nettle 2.1.
+ * Enable tests.
+ testsuite-mini-inetd-localhost.patch (new): When told to bind to
+ "localhost", mini-inetd, which is used in certain (optional) tests,
+ seems to bind to 255.255.255.255, which is of course no good. Tell it
+ to bind to 127.0.0.1 instead.
+ * debian/lsh-doc.doc-base: Change section to the new `Network/Remote Access'.
+
+ -- Magnus Holmgren <holmgren@debian.org> Sun, 20 Mar 2011 01:30:08 +0100
+
+lsh-utils (2.0.4-dfsg-7) unstable; urgency=low
+
+ * terminate_on_connection_failure.dpatch (new): Make sure that lsh exits
+ if it fails to connect to the remote host (Closes: #485812).
+ * ipv6_v6only.dpatch (new): Set the IPV6_V6ONLY socket option on
+ AF_INET6 sockets; since lshd by default enumerates available address
+ families and calls bind() once for each, conflicts will occur
+ otherwise.
+ * lsh-server.postinst: If openssh-server is installed and lsh-server is
+ configured to use port 22, shut down sshd in addition to disabling it
+ (Closes: #567945).
+ * lsh-server.postinst: Close fd 3 (opened by debconf) to avoid "Closed
+ spurious fd" warnings.
+ * debian/control: Declare Breaks instead of Conflicts for files moved
+ between packages.
+ * Upgraded to Standards-Version 3.9.1 with the preceding change.
+ * debian/control (lsh-server): Drop old Conflicts: lsh-utils (<<
+ 1.0.2-3).
+
+ -- Magnus Holmgren <holmgren@debian.org> Sun, 01 Aug 2010 20:52:37 +0200
+
+lsh-utils (2.0.4-dfsg-6) unstable; urgency=low
+
+ * Change libreadline build dependency to just libreadline-dev
+ (Closes: #553804).
+ * Add new debconf template translations:
+ + Japanese from Hideki Yamane (Closes: #558082)
+ + Spanish from Shukoh (Closes: #557008)
+ Credit to the respective Debian translation teams.
+ * Fix a spelling error in one of the debconf templates, run
+ debconf-updatepo, clean out the old obsolete translation entries, and
+ perform some trivial maintenance on the Nynorsk file.
+
+ -- Magnus Holmgren <holmgren@debian.org> Sat, 28 Nov 2009 17:57:30 +0100
+
+lsh-utils (2.0.4-dfsg-5) unstable; urgency=low
+
+ * lsh-server.init.d: Don't suppress start/stop messages when $VERBOSE =
+ "no". /etc/init.d/skeleton is not a good example in this matter.
+ * blacklist.dpatch: Check keys against openssh-blacklist before
+ accepting for pubkey authentication as well as on conversion by
+ lsh-writekey and lsh-decode-key.
+ * lsh-server: Depend on openssh-blacklist, recommend -blacklist-extra.
+ lsh-utils: Recommend openssh-blacklist and -blacklist-extra.
+ * Move seed and key creation back to postinst and import RSA key from
+ openssh-server if it exists (Closes: #211252).
+ * debian/mans/lcp.1: Fix errors.
+
+ -- Magnus Holmgren <holmgren@debian.org> Sun, 08 Nov 2009 20:18:17 +0100
+
+lsh-utils (2.0.4-dfsg-4) unstable; urgency=high
+
+ * lsh-server.init.d: Fix critical exit status ($?) handling mistake
+ (Closes: #545090).
+
+ -- Magnus Holmgren <holmgren@debian.org> Sat, 05 Sep 2009 00:44:45 +0200
+
+lsh-utils (2.0.4-dfsg-3) unstable; urgency=low
+
+ * lsh-doc: Depend on dpkg (>= 1.15.4) | install-info as recommended for
+ the transition to triggerized install-info.
+ * Add ${misc:Depends} to Depends in case Debhelper needs it in the
+ future.
+ * Increase Debhelper compat level to 5.
+ * Build with Nettle 2.0 (nettle-dev) (Closes: #543131).
+ * nettle_2.0.dpatch created to adapt to API changes.
+ * 30_nonettle.dpatch modified to add -lhogweed to LDADD where
+ appropriate.
+ * Add ANNOUNCE to lsh-doc.
+ * Rewrite lsh-server.init.d a bit:
+ * Use LSB logging functions.
+ * Let lshd daemonize and create/delete its pid file by itself.
+ * Change the Provides: line in the LSB header to "lsh-server" and
+ declare that it should start before the services that depend on an
+ SSH server (Closes: #542689). Thanks to Petter Reinholdtsen.
+ * Support the status action.
+ * Drop the no longer useful lsh-server-config script.
+ * Upgrade to Standards-Version 3.8.3:
+ * Add README.source.
+ * Drop obsolete manpages from debian/mans.
+
+ -- Magnus Holmgren <holmgren@debian.org> Thu, 03 Sep 2009 00:55:45 +0200
+
+lsh-utils (2.0.4-dfsg-2) unstable; urgency=low
+
+ * 40_better_errmsg_when_dotlsh_missing.dpatch (new): In unix_random.c,
+ check whether the seed file exists before trying to lock it, and give
+ the hint about running lsh-make-seed if it doesn't (Closes: #485856).
+ * Update doc-base section of lsh-doc to match current structure.
+ * Remove inactive maintainer as requested by the MIA team and put myself
+ in charge (Closes: #487137).
+ * Upgrade lsh-client's Recommends of lsh-utils to a Depends. It's not
+ huge and lsh-client is almost useless without it in most cases
+ (Closes: #481073).
+ * Use --as-needed to avoid unnecessary dependencies.
+
+ -- Magnus Holmgren <holmgren@debian.org> Wed, 25 Jun 2008 16:40:16 +0200
+
+lsh-utils (2.0.4-dfsg-1) unstable; urgency=low
+
+ * New upstream release (Closes: #422199)
+ - Repackaged without non-free RFC (src/nettle/testsuite/rfc1750.txt)
+ (Closes: #408490).
+ - Drop 01_fix_manpages.dpatch; incorporated upstream.
+ - Fixes X11 forwarding bug.
+ * New co-maintainer added.
+ * Rename lsh-utils-doc as lsh-doc. We'll rename the source package after
+ Sarge is gone.
+ * Drop the tarball-in-tarball format and ship a "normal" .orig.tar.gz.
+ - Drop 02_fix_perms.dpatch.
+ - Add some extra cleanup in debian/rules.
+ * Increase Standards-Version to 3.7.3. No changes needed.
+ * Put some more docs in the packages: README and ChangeLog is now in all
+ packages, AUTHORS in lsh-utils. Update debian/copyright to refer to
+ /usr/share/doc/lsh-utils/AUTHORS (Closes: #421108).
+ * debian/control: Use ${binary:Version} substitution variable instead of
+ ${source-version}.
+ * Review Build-depends: Drop patchutils, comerr-dev (redundant),
+ po-debconf (redundant), xutils (makes no difference); add
+ autotools-dev, scsh-0.6 (as alternative to guile-1.6).
+ * Drop lshc, the deprecated alias for lsh (Closes: #417426).
+ * 30_nonettle.dpatch: Link dynamically with libnettle-dev instead of
+ statically with the bundled nettle (Closes: #412138).
+ * Don't provide sexp-conv; let lsh-client depend on nettle-bin instead.
+ * Move lsftp and lcp to lsh-client.
+ * Put sftp-server in /usr/lib/lsh-server and put the manpage in section
+ 8lsh instead of renaming it (new 20_sftp-server_mansection.dpatch).
+ * Ship lsh.html in lsh-doc.
+ * Add doc-base entry.
+ * debian/control: Add Homepage field.
+ * debian/watch: Update dversionmangle to strip -dfsg suffix.
+
+ -- Magnus Holmgren <holmgren@debian.org> Thu, 01 May 2008 19:22:18 +0200
+
+lsh-utils (2.0.2-1.1) unstable; urgency=low
+
+ * Non-maintainer upload to fix longstanding l10n issues
+ * Debconf templates translations:
+ - Swedish added. Closes: #351641
+ - Portuguese added. Sent during the call for updates of the NMU campaign.
+ * Lintian fixes:
+ - Do not Build-depend on build-essential
+ - Add a very basic LSB header to the init script
+
+ -- Christian Perrier <bubulle@debian.org> Wed, 13 Dec 2006 22:02:11 +0100
+
+lsh-utils (2.0.2-1) unstable; urgency=low
+
+ * New upstream release
+ * The fd leak in the server is known as CVE-2006-0353
+ * Support for aes256-ctr.
+ * Newer nettle library.
+ * Fix for some more fd leaks, but none in the debian default
+ configuration.
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Sat, 28 Jan 2006 05:42:16 +0100
+
+lsh-utils (2.0.1cdbs-4) unstable; urgency=high
+
+ * Remove silly debconf questions and correct others. (Closes: Bug#337026)
+ * Switch to dpatch.
+ * Make lsh-utils build on a grsecurity system.
+ * Remove /var/spool/lsh upon purge.
+ * Update Vietnamese debconf translation.
+ * Update German debconf translation.
+ * Update Danish debconf translation.
+ * Update Czech debconf translation.
+ * Update Dutch debconf translation.
+ * Update Russian debconf translation. (Closes: Bug#349180)
+ * Update French debconf translation. (Closes: Bug#348822)
+ * Have lsh-server provide ssh-server. (Closes: Bug#348844)
+ * Update the watch file format version to the latest (3).
+ * Have uscan remove the "cdbs" version extension.
+ * Fix fd leak in the lsh-server.
+ This is to be security related, so upload it with a high urgency.
+ (Closes: Bug#349303)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 22 Jan 2006 06:30:43 +0100
+
+lsh-utils (2.0.1cdbs-3) unstable; urgency=low
+
+ * The 2.0 release removed the "pesky" identity file error.
+ (Closes: Bug#214167)
+ * Update Danish debconf translation.
+ * Update Vietnamese debconf translation.
+ * Update French debconf translation. (Closes: Bug#347543)
+ * Update Russian debconf translation. (Closes: Bug#348138)
+ * Do not regenerate debian/rules. (Closes: Bug#347891)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 15 Jan 2006 21:02:36 +0100
+
+lsh-utils (2.0.1cdbs-2) unstable; urgency=low
+
+ * No longer build-depend on xlibs-dev, use libxau-dev instead.
+ (Closes: Bug#347143)
+ * Depend on comerr-dev too, otherwise kerberos support would be broken.
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Thu, 12 Jan 2006 19:34:23 +0100
+
+lsh-utils (2.0.1cdbs-1) unstable; urgency=low
+
+ * Change the build system to cdbs.
+ (And hopefully don't introduce any new bugs.)
+ * Make lintian happy with the odieresis in the manpages.
+ * Fix debian/control, so it can be autogenerated by cdbs.
+ * Conflict lsh, and rename lshc to lsh.
+ * Include a small shell script to notify users.
+ * Make stop act the same way graceful-stop was doing already.
+ This helps not to accidently kill your own lsh connection.
+ * Update debconf po files.
+ * Update the German debconf translation.
+ * Remove the SSH1 notice from lsh-server's package description.
+ * Make the lsh-server package suggest lsh-client or openssh-client.
+ * Add a small note on how to use the lsh client. (Closes: Bug#109899)
+ * No longer FTBFS because of wrong debian/rules. (Closes: Bug#344747)
+ * Update Czech translation. (Closes: Bug#345141)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Mon, 9 Jan 2006 00:36:44 +0100
+
+lsh-utils (2.0.1-5) unstable; urgency=low
+
+ * Make lsh-utils depend on lsh-client. (Closes: Bug#338014)
+ * Fix lshg to look for lshc instead of lsh. (Closes: Bug#320554)
+ * Fix lcp to look for lshc instead of lsh. (Closes: Bug#338015)
+ * Add lcp manpage. (Closes: Bug#338017)
+ * Clarify package description. lsh should be considered stable now.
+ (Closes: Bug#211317)
+ * Update Russian debconf translation. (Closes: Bug#338170)
+ * Update French debconf translation. (Closes: Bug#338104)
+ * Update Danish debconf translation. (Closes: Bug#337017)
+ * Change guile1.4-slib to guile-1.6 since slib.scm is included
+ with guile-1.6-libs, and we need the scheme interpreter.
+ * Add myself to the uploaders list.
+ * Approve NMUs.
+ (Closes: Bug#300496,Bug#318211,Bug#326328,Bug#326329,Bug#332012)
+ (Closes: Bug#271911,Bug#312617,Bug#313975,Bug#304697,Bug#319933)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Thu, 10 Nov 2005 21:36:44 +0100
+
+lsh-utils (2.0.1-4.2) unstable; urgency=low
+
+ * NMU.
+ * Make sftp support availible via debconf. (Closes: Bug#304697)
+ * Rebuild against libreadline5 and change build-deps.
+ (Closes: Bug#326328,Bug#326329)
+ * Rebuild with fixed debconf deps. (Closes: Bug#332012)
+ * Update FSF address in debian/copyright.
+ * Add czech po file. (Closes: Bug#319933)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Mon, 31 Oct 2005 14:21:54 +0100
+
+lsh-utils (2.0.1-4.1) unstable; urgency=low
+
+ * NMU.
+ * Trigger a rebuild to build against libgmp3c2. (Closes: Bug#318211)
+ * Make lsh-server suggest openssh-client or ssh.
+ * Fix Package description (Closes: Bug#271911)
+ * Add vietnamese debconf localization. (Closes: Bug#312617)
+ * Update german debconf localization. (Closes: Bug#313975)
+ * Rebuild fixes lshc host-acls (Closes: Bug#300496)
+ * Bump standards-version, no changes needed. (make lintian happy)
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Sun, 14 Aug 2005 17:04:55 +0200
+
+lsh-utils (2.0.1-4) unstable; urgency=high
+
+ * Trigger a rebuild, because the i386 package wasn't built properly.
+ (Closes: Bug#309365)
+
+ -- Simon Law <sfllaw@debian.org> Mon, 16 May 2005 16:54:00 -0400
+
+lsh-utils (2.0.1-3) unstable; urgency=high
+
+ * Remove the unnecessary nettle-lfib-stream program. (Closes: Bug#308233)
+
+ -- Simon Law <sfllaw@debian.org> Mon, 9 May 2005 19:25:56 -0400
+
+lsh-utils (2.0.1-2.1) unstable; urgency=high
+
+ * NMU
+ * Remove --nist-level option to lsh-keygen since it has changed to using RSA
+ keys now and the old --nist-level setting breaks it. Closes: #301968
+ * High urgency upload since 2.0.1 is needed in testing due to the security
+ fix.
+
+ -- Joey Hess <joeyh@debian.org> Sat, 9 Apr 2005 15:02:22 -0400
+
+lsh-utils (2.0.1-2) unstable; urgency=high
+
+ * Fix up path resolution problems. (Closes: Bug#301039)
+ Thanks to Stefan Pfetzing <dreamind@dreamind.de>
+ * Added a build-depends on m4. (Closes: Bug#300874)
+ * Denial of service attack is now known as CAN-2005-0814.
+
+ -- Simon Law <sfllaw@debian.org> Sat, 26 Mar 2005 13:29:27 -0500
+
+lsh-utils (2.0.1-1) unstable; urgency=high
+
+ * New upstream release
+ - Fix denial of service attack documented in CAN-2005-0389
+
+ -- Simon Law <sfllaw@debian.org> Fri, 18 Mar 2005 17:24:10 -0500
+
+lsh-utils (2.0-1) unstable; urgency=high
+
+ * New upstream release.
+ * Remove extraneous symlinks. (Closes: Bug#291010)
+ * Acknowledge NMUs. (Closes: Bug#293020, Bug#255643)
+
+ -- Simon Law <sfllaw@debian.org> Thu, 17 Mar 2005 18:51:12 -0500
+
+lsh-utils (1.4.2-8.2) unstable; urgency=low
+
+ * Non-maintainer upload with maintainer"s agreement
+ * Fix FTBFS with gcc-4.0 for amd64 builds
+ Thanks to Andreas Jochens for providing the patch
+ Closes: #293020
+
+ -- Christian Perrier <bubulle@debian.org> Tue, 1 Feb 2005 07:10:17 +0100
+
+lsh-utils (1.4.2-8.1) unstable; urgency=low
+
+ * Non-maintainer upload with maintainer's agreement
+ for fixing longstanding l10n issues
+ * Translations:
+ - French added. Closes: #255643
+ - Danish added. Thanks to Claus Hindsgaul
+ - Russian added. Thanks to Yuri Kozlov
+ - Norwegian Nynorsk added. Thanks to Håvard Korsvoll
+ - Dutch added. Thanks to Luk Claes.
+ * Typo fixes in templates (translations unfuzzied):
+ - s/woul dlike/would like
+ - s/ifyou/if you
+
+ -- Christian Perrier <bubulle@debian.org> Thu, 13 Jan 2005 23:29:09 +0100
+
+lsh-utils (1.4.2-8) unstable; urgency=medium
+
+ * Register sexp-conv with the alternatives system so that it doesn't
+ conflict with the binary of the same name (and function) shipped with
+ nettle-bin (Closes: Bug#274772)
+ - This kludge brought to you by Marek Habersack <grendel@debian.org>.
+
+ -- Simon Law <sfllaw@debian.org> Sun, 5 Dec 2004 15:15:59 -0500
+
+lsh-utils (1.4.2-7) unstable; urgency=low
+
+ * New maintainer.
+ * Fix build problem. (Closes: Bug#242040)
+ * Use gettext-based Debconf templates. Thanks to Martin Quinson.
+ (Closes: Bug#239870)
+ * Upgraded to Policy 3.6.1.
+ * Upgraded to Debhelper 4.
+
+ -- Simon Law <sfllaw@debian.org> Wed, 2 Jun 2004 17:56:39 -0400
+
+lsh-utils (1.4.2-6) unstable; urgency=HIGH
+
+ * Applied patch to fix root security hole (closes: #211662)
+ * Build kerberos support against heimdal rather than krb (closes: #199067)
+
+ -- Timshel Knoll <timshel@debian.org> Sat, 20 Sep 2003 11:42:27 +1000
+
+lsh-utils (1.4.2-5) unstable; urgency=low
+
+ * debian/control: Removed alternative of scsh in place of guile1.4-slib from
+ Build-Depends, we really need the latter to build lsh. (closes: #192771)
+
+ -- Timshel Knoll <timshel@debian.org> Sun, 8 Jun 2003 17:44:58 +1000
+
+lsh-utils (1.4.2-4) unstable; urgency=low
+
+ * Just Build-Depend on liboop-dev, not liboop4-dev | liboop-dev (there is
+ no liboop4-dev, whoops!) (closes: #192172)
+ * lsh-server: Added lintian override for missing-debconf-dependency
+ (lsh-server falls back to asking the user if debconf isn't installed)
+
+ -- Timshel Knoll <timshel@debian.org> Thu, 8 May 2003 02:24:52 +1000
+
+lsh-utils (1.4.2-3) unstable; urgency=low
+
+ * debian/control: Priority: extra; lsh-utils-doc changed to Section: doc
+ * Policy 3.5.9
+ * Re-compile against liboop4
+
+ -- Timshel Knoll <timshel@debian.org> Wed, 30 Apr 2003 23:08:41 +1000
+
+lsh-utils (1.4.2-2) unstable; urgency=low
+
+ * debian/control: Build-Depend on xutils (closes: #160666)
+ * Rename sftp-server to sftp-server.lsh to work around name conflict with
+ ssh's sftp-server. (closes: #160611) Maybe this should eventually be
+ handled with alternatives?
+
+ -- Timshel Knoll <timshel@debian.org> Fri, 13 Sep 2002 11:14:43 +1000
+
+lsh-utils (1.4.2-1) unstable; urgency=low
+
+ * New upstream release, a number of new programs come in this release
+ * debian/control: Added lots of new Build-Depends: for 1.4.x series:
+ + liboop-dev required for main lsh servers
+ + xlibs-dev the lshc client now supports X11 forwarding and hence
+ links with libXau: yay!
+ + libkrb5-dev for the lsh-krb-checkpw password helper program. This is
+ still not working however, see README.Debian for details,
+ but I've left the Build-Dep here in stubborn hope :-)
+ + libwrap-dev For lots of the lsh programs to use the TCP wrappers
+ + libpam-dev Required for the lsh-pam-checkpw password helper program
+ + libreadline-dev Required for lsftp's the interactive mode
+ * debian/lsh-server.{config,templates,postrm}: ask whether to remove
+ host keys when lsh-server is purged, all versions of lshd from now on
+ should not disconnect users when the server is restarted - very useful
+ when lsh'd into a box doing an "apt-get install lsh-server" !!! :-)
+ * debian/lsh-server.config: modularised. Now uses a function
+ for each debconf question, and has an array of function references.
+ Check it out :-)
+ * debian/mans/<lots-of-stuff>:
+ Added manpages for new programs, updated some existing manpages
+ * lshd now needs a random seed file, which needs to be generated before lshd
+ can be run. Unfortunately, this operation requires user input, so this
+ can't really be done in the postinst (problems with debconf etc.). This
+ also means that the host key can't be generated in the postinst, since
+ lsh-keygen and lsh-writekey both need the random seed to exist.
+ * debian/lsh-server.init.d: generate the host key here if the random seed
+ exists, fail if it doesn't.
+
+ -- Timshel Knoll <timshel@debian.org> Wed, 11 Sep 2002 12:42:56 +1000
+
+lsh-utils (1.2.5-3) unstable; urgency=low
+
+ * debian/control:
+ - Updated description to remove "export from US is illegal" information
+ - Removed France from the list of countries where crypto may be illegal
+ * debian/mans/{srp-gen.1,sexp-conv.1}: manpage neatened / errors fixed
+ * debian/scripts/lsh-server-config, debian/lsh-server.postrm:
+ Also create / remove /etc/ssh/sshd_not_to_be_run at appropriate times to
+ prevent sshd from being run, not just /etc/ssh/NOSERVER
+ * debian/lsh-server.init.d: fixed issues with ssh1 fallback, it didn't work
+ before (typo in variable names)
+
+ -- Timshel Knoll <timshel@debian.org> Mon, 15 Apr 2002 22:41:58 +1000
+
+lsh-utils (1.2.5-2) unstable; urgency=low
+
+ * Packages moved into main from non-US, yay! Now Section: net
+ * Fixed &>/dev/null bash-ism redirects in upstream's lsh-authorize
+ replaced with >/dev/null 2>&1
+ * debian/control: fixed misspelling in -doc package description
+ (closes: #125097)
+ * src/lsh.c: changed "lsh" references to "lshc" (closes: #109898)
+
+ -- Timshel Knoll <timshel@debian.org> Wed, 27 Mar 2002 01:07:34 +1100
+
+lsh-utils (1.2.5-1) unstable; urgency=low
+
+ * New upstream release
+ * Added German debconf translation (thanks to Sebastian Feltel)
+ (closes: #114339)
+ * debian/copyright: fixed misspelling, common-licences -> common-licenses
+
+ -- Timshel Knoll <timshel@debian.org> Tue, 30 Oct 2001 15:44:43 +1100
+
+lsh-utils (1.2.3-1) unstable; urgency=low
+
+ * New upstream release
+ * debian/control: Don't Build-Depend on libgmp2-dev (closes: #104285)
+
+ -- Timshel Knoll <timshel@debian.org> Thu, 12 Jul 2001 11:26:47 +1000
+
+lsh-utils (1.2.2-2) unstable; urgency=low
+
+ * Applied Niel's IPv6 patch, to get lshd working on systems without IPv6
+ (closes: Bug#97623)
+
+ -- Timshel Knoll <timshel@debian.org> Wed, 23 May 2001 09:38:03 +1000
+
+lsh-utils (1.2.2-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Timshel Knoll <timshel@debian.org> Sat, 12 May 2001 23:58:20 +1000
+
+lsh-utils (1.2.1-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Timshel Knoll <timshel@debian.org> Sat, 21 Apr 2001 21:52:01 +1000
+
+lsh-utils (1.2-1) unstable; urgency=low
+
+ * New upstream release
+ * Fixes do debian/installmans.pl's manpage section regex and sanity
+ checking
+ * Added manpage for new binary lshg (in lsh-client package), did
+ some updates for the lshc binary as options have been added.
+ * Heaps of packaging fixes/updates.
+
+ -- Timshel Knoll <timshel@debian.org> Thu, 12 Apr 2001 13:02:27 +1000
+
+lsh-utils (1.0.2-3) unstable; urgency=low
+
+ * debian/control: Split into 4 packages, lsh-utils, lsh-client,
+ lsh-server and lsh-utils-doc, Standards-Version: 3.5.2,
+ Build-Depends: zlib1g-dev -> libz-dev, added guile1.4-slib | scsh
+ * Pulled original upstream configure script back in and modified that
+ rather than re-generating with autoconf, which made for a huge .diff.gz.
+ * lsh-server package debconf-ized, lsh-server-config script added
+ to configure lshd.
+ * debian/rules: Added support for DEB_BUILD_OPTIONS=nostrip,debug
+
+ -- Timshel Knoll <timshel@debian.org> Mon, 9 Apr 2001 23:59:47 -0700
+
+lsh-utils (1.0.2-2) unstable; urgency=low
+
+ * Changed order of ./configure checks for gmp.h and gmp2/gmp.h to fix
+ compile failure - this now checks for gmp2/gmp.h first and thus fixes
+ the problem. This compile is against libgmp3.
+ * debian/installmans.pl: perl Debian::Debhelper program to install manpages
+ properly - this replaces the dh_installmanpages call in debian/rules
+ which will mean that manpages are installed under their correct names.
+ (ie. lsh.1 will be installed as lshc.1) (closes: Bug#88197).
+ * debian/control: Standards-Version: 3.1.1, Build-Depends: added
+ (including texinfo and libgmp2-dev | libgmp3-dev
+ - (closes: Bug#79645, Bug#84532)).
+ * debian/rules: Removed call to obsolete dh_suidregister.
+ * debian/init.d: changed default port of lshd from 2223 to 2222 (it should
+ have been this from the start, since ssh runs on port 22 _not_ 23). :-)
+
+ -- Timshel Knoll <timshel@debian.org> Tue, 13 Mar 2001 09:54:33 +1100
+
+lsh-utils (1.0.2-1) unstable; urgency=low
+
+ * New upstream release (closes: Bug#75042)
+
+ -- Timshel Knoll <timshel@debian.org> Tue, 12 Dec 2000 11:38:13 +1100
+
+lsh-utils (1.0.1-2) unstable; urgency=low
+
+ * Fixed typo in debian/postinst (lsh_writekey needs -o before output
+ filename) (closes: Bug#71240)
+
+ -- Timshel Knoll <timshel@debian.org> Mon, 18 Sep 2000 23:52:02 +1100
+
+lsh-utils (1.0.1-1) unstable; urgency=low
+
+ * New upstream release
+
+ -- Timshel Knoll <timshel@debian.org> Tue, 18 Jul 2000 19:10:12 +1000
+
+lsh-utils (0.9.9-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Timshel Knoll <timshel@debian.org> Thu, 15 Jun 2000 16:30:33 +1000
+
Index: 2.0.4-dfsg-8/debian/rules
===================================================================
--- 2.0.4-dfsg-8/debian/rules (nonexistent)
+++ 2.0.4-dfsg-8/debian/rules (revision 89)
@@ -0,0 +1,117 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# GNU copyright 1997 to 1999 by Joey Hess.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# These are used for cross-compiling and for saving the configure script
+# from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+
+ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE))
+ buildflags = --build=$(DEB_BUILD_GNU_TYPE)
+else
+ buildflags = --build=$(DEB_BUILD_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE)
+endif
+
+parallel = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ifneq (,$(parallel))
+jobsflag = -j$(parallel)
+endif
+
+config.status: configure.ac
+ dh_testdir
+ # Add here commands to configure the package.
+ [ -d src/nettle-dontuse -a ! -d src/nettle ] || mv src/nettle src/nettle-dontuse
+ dh_autoreconf
+ ./configure $(buildflags) \
+ --prefix=/usr \
+ --disable-dependency-tracking \
+ --enable-pam --enable-kerberos --enable-srp \
+ --with-pty --enable-tcp-forward --enable-x11-forward \
+ --enable-agent-forward --enable-ipv6 --enable-utmp \
+ --with-zlib --with-tcpwrappers --with-sshd1=/usr/sbin/sshd \
+ --with-x XAUTH_PROGRAM=/usr/bin/xauth \
+ CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS) -Wl,-z,defs -Wl,--as-needed"
+
+build: build-stamp
+build-stamp: config.status
+ dh_testdir
+
+ # Add here commands to compile the package.
+ $(MAKE) $(jobsflag) MAKEINFO='makeinfo --enable-encoding'
+ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
+ $(MAKE) check
+endif
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ [ ! -f Makefile ] || $(MAKE) distclean
+ dh_autoreconf_clean
+ dh_clean
+ [ -d src/nettle -a ! -d src/nettle-dontuse ] || mv src/nettle-dontuse src/nettle
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_installdirs
+
+ # Add here commands to install the package into debian/tmp
+ $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp
+
+build-indep build-arch: build
+
+# Build architecture-independent files here.
+binary-indep: build-indep install
+ dh_testdir
+ dh_testroot
+ dh_install -i --sourcedir=debian/tmp
+ dh_link -i
+ dh_installchangelogs -i ChangeLog
+ dh_installdocs -i -A README
+ dh_installinfo -i
+ dh_installman -i
+ dh_installdebconf -i
+ dh_compress -i
+ dh_fixperms -i
+ dh_makeshlibs -i
+ dh_installdeb -i
+ dh_shlibdeps -i
+ dh_gencontrol -i
+ dh_md5sums -i
+ dh_builddeb -i
+
+# Build architecture-dependent files here.
+binary-arch: build-arch install
+ dh_testdir
+ dh_testroot
+ dh_install -a --sourcedir=debian/tmp
+ dh_link -a
+ dh_installchangelogs -a ChangeLog
+ dh_installdocs -a -A README
+ dh_installexamples -a
+ dh_installman -a
+ dh_installinit -a
+ dh_installdebconf -a
+ dh_strip -a
+ dh_compress -a
+ dh_fixperms -a
+ dh_makeshlibs -a
+ dh_installdeb -a
+ dh_shlibdeps -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ dh_builddeb -a
+
+binary: binary-arch binary-indep
+.PHONY: build-indep build-arch build clean clean-patched binary-indep binary-arch binary install
/2.0.4-dfsg-8/debian/rules
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: 2.0.4-dfsg-8/debian/source/format
===================================================================
--- 2.0.4-dfsg-8/debian/source/format (nonexistent)
+++ 2.0.4-dfsg-8/debian/source/format (revision 89)
@@ -0,0 +1 @@
+3.0 (quilt)
Index: 2.0.4-dfsg-8/debian/lsh-doc.doc-base
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-doc.doc-base (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-doc.doc-base (revision 89)
@@ -0,0 +1,13 @@
+Document: lsh
+Title: LSH documentation
+Author: Niels Möller
+Abstract: This document describes `lsh' and related programs.
+Section: Network/Remote Access
+
+Format: HTML
+Index: /usr/share/doc/lsh-doc/lsh.html
+Files: /usr/share/doc/lsh-doc/lsh.html
+
+Format: Info
+Index: /usr/share/info/lsh.info.gz
+Files: /usr/share/info/lsh.info.gz
Index: 2.0.4-dfsg-8/debian/lsh-server.postinst
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.postinst (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.postinst (revision 89)
@@ -0,0 +1,166 @@
+#!/bin/sh
+# postinst script for lsh-server
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+# quoting from the policy:
+# Any necessary prompting should almost always be confined to the
+# post-installation script, and should be protected with a conditional
+# so that unnecessary prompting doesn't happen if a package's
+# installation fails and the `postinst' is called with `abort-upgrade',
+# `abort-remove' or `abort-deconfigure'.
+
+create_seed_and_key() {
+ RANDOM_SEED="/var/spool/lsh/yarrow-seed-file"
+ HOST_KEY="/etc/lsh_host_key"
+ OPENSSH_HOST_KEY="/etc/ssh/ssh_host_rsa_key"
+
+ if [ ! -f "$RANDOM_SEED" ]; then
+ echo -n "Creating lsh random seed file (this may take a while) ..."
+ DIR=$(dirname "$RANDOM_SEED")
+ if install -d -m 700 "$DIR" &&
+ dd if=/dev/random "of=$RANDOM_SEED" bs=1 count=32 2>/dev/null &&
+ chmod 600 "$RANDOM_SEED"; then
+ echo " done."
+ else
+ echo " failed!"
+ return 1
+ fi
+ fi
+
+ if [ ! -f "$HOST_KEY" ]; then
+ if [ -r "$OPENSSH_HOST_KEY" ]; then
+ echo -n "Converting existing OpenSSH RSA host key ... "
+ if pkcs1-conv < "$OPENSSH_HOST_KEY" | lsh-writekey --server &&
+ [ -f "$HOST_KEY" -a -f "$HOST_KEY.pub" ]; then
+ chmod +r "$HOST_KEY.pub"
+ echo "done."
+ return 0
+ fi
+ rm -f "$HOST_KEY" "$HOST_KEY.pub"
+ echo "failed. Will generate a new key instead."
+ fi
+ echo -n "Creating lsh host key ... "
+ if lsh-keygen --server | lsh-writekey --server &&
+ [ -f "$HOST_KEY" -a -f "$HOST_KEY.pub" ]; then
+ chmod +r "$HOST_KEY.pub"
+ echo "done."
+ else
+ echo "failed!"
+ return 1
+ fi
+ fi
+ return 0
+}
+
+LSHD_DEFAULTS=/etc/default/lsh-server
+
+case "$1" in
+ configure)
+
+ # This needs to be fixed. If we do stuff this way, strange things will
+ # happen ... the user can specify stuff to debconf and old options can
+ # still be written to the config file :-(
+ # First, get default options
+ #[ -e "$LSHD_DEFAULTS" ] && . "$LSHD_DEFAULTS"
+
+ # Fall back to default options if necessary
+ LSHD_PORT=${LSHD_PORT:-2222}
+ ENABLE_SFTP=${ENABLE_SFTP:-false}
+
+ # Make sure ENABLE_SFTP is either "true" or "false", set up option
+ case "$ENABLE_SFTP" in
+ true|TRUE|y*|Y*)
+ ENABLE_SFTP=true
+ ;;
+ *)
+ ENABLE_SFTP=false
+ ;;
+ esac
+
+ . /usr/share/debconf/confmodule
+
+ db_get "lsh-server/lshd_port"; LSHD_PORT="$RET"
+ db_get "lsh-server/sftp"; ENABLE_SFTP="$RET"
+ exec 3>&-
+
+ # OK, now make the config file
+
+ cat <<"EOF" >"$LSHD_DEFAULTS"
+# Configuration file generated by lsh-server.postinst.
+# You can change the lsh-server configuration either by editing
+# this file, or by running dpkg-reconfigure lsh-server.
+#
+EOF
+
+ echo "LSHD_PORT=\"$LSHD_PORT\"" >>"$LSHD_DEFAULTS"
+ echo "ENABLE_SFTP=\"$ENABLE_SFTP\"" >> "$LSHD_DEFAULTS"
+
+ # Versions before 2.0.1cdbs-4 have a security issue, therefore
+ # have the random seed regenerated.
+ if [ "$2" ] && [ -e "/var/spool/lsh/yarrow-seed-file" ] \
+ && dpkg --compare-versions "$2" lt "2.0.1cdbs-4"; then
+ echo " Removing /var/spool/lsh/yarrow-seed-file, because of you are upgrading from a"
+ echo " version with a known security bug, so we can't trust the seed any more."
+ echo " It will be automatically regenerated from /dev/random."
+ rm /var/spool/lsh/yarrow-seed-file
+ fi
+
+ # Disable ssh if needed
+ if [ "$LSHD_PORT" -eq 22 ] ; then
+ if [ ! -d /etc/ssh ] ; then
+ mkdir -p /etc/ssh
+ fi
+
+ file=/etc/ssh/sshd_not_to_be_run
+ if [ ! -f "$file" ] ; then
+# stop ssh from starting at bootup
+ cat <<"EOF" >"$file"
+LSH_SERVER_CONFIG_GENERATED
+# Generated by lsh-server.postinst
+# Please don't remove this file unless you have first disabled lsh, and don't
+# change the first line ... otherwise lsh-server won't recognise it!!!
+EOF
+
+ if [ -x "/etc/init.d/ssh" ]; then
+ if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+ invoke-rc.d ssh stop || true
+ else
+ /etc/init.d/ssh stop || true
+ fi
+ fi
+ fi
+ fi
+
+ create_seed_and_key
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts
+
+#DEBHELPER#
+
+exit 0
Index: 2.0.4-dfsg-8/debian/lsh-server.templates
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.templates (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.templates (revision 89)
@@ -0,0 +1,31 @@
+Template: lsh-server/lshd_port
+Type: string
+Default: 22
+_Description: lsh server port:
+ The default port for lshd is 22. If you would like lshd to run on a
+ different port, please specify the alternative port here. If you specify
+ 22, you will need to manually disable any other ssh servers you have
+ running on port 22, other than OpenSSH (from the `openssh-server' package).
+ OpenSSH will be automatically disabled, if you choose 22 here.
+
+Template: lsh-server/sftp
+Type: boolean
+Default: false
+_Description: Enable the sftp subsystem?
+ If you want to use sftp with lsh, you will need this subsystem.
+ Please bear in mind, that it's still experimental. Therefore the default
+ is disabled but can be enabled now or later by manually changing
+ /etc/default/lsh-server.
+ .
+ Please choose whether you want to use the EXPERIMENTAL sftp support now.
+
+Template: lsh-server/purge_hostkey
+Type: boolean
+Default: false
+_Description: Remove host key on purge?
+ When this package is installed, a host key is generated to authenticate
+ your host. This host key is not purged with the rest of the package by
+ default.
+ .
+ Please choose whether you want to purge the host key when the package
+ is removed.
Index: 2.0.4-dfsg-8/debian/po/templates.pot
===================================================================
--- 2.0.4-dfsg-8/debian/po/templates.pot (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/templates.pot (revision 89)
@@ -0,0 +1,86 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
Index: 2.0.4-dfsg-8/debian/po/pt.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/pt.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/pt.po (revision 89)
@@ -0,0 +1,90 @@
+# Portuguese translation for lsh-utils's debconf messages
+# Rui Branco <ruipb@debianpt.org>, 2006.
+# 2006-12-10 - Rui Branco - Initial translation
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:08+0100\n"
+"Last-Translator: Rui Branco <ruipb@debianpt.org>\n"
+"Language-Team: Portuguese <traduz@debianpt.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "porta do servidor lsh:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"A porta por omissão do lsh é a 22. Se preferir correr o lsh numa porta "
+"diferente, por favor especifique aqui a porta alternativa. Se especificar a "
+"22, terá que desactivar manualmente qualquer outro servidor ssh que tenha a "
+"correr na porta 22, que não o OpenSSH (a partir do pacote `openssh-server'). "
+"O OpenSSH será automaticamente desactivado, se escolher a porta 22 agora."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Activar o sub-sistema sftp?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Se quiser usar sftp com o lsh irá necessitar deste sub-sistema. Por favor "
+"tenha em mente que está ainda em experimental. Assim a omissão é "
+"desactivado, mas pode ser activado agora ou mais tarde, de modo manual "
+"alterando /etc/default/lsh-server."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Por favor decida se quer usar o suporte sftp EXPERIMENTAL agora."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Remover a chave da máquina na eliminação do pacote?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Quando este pacote está instalado, uma chave da máquina é gerada de modo a "
+"autenticar a máquina. Esta chave por omissão não é removida com o resto do "
+"pacote."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Por favor escolha se quer remover a chave da máquina quando o pacote é "
+"eliminado."
Index: 2.0.4-dfsg-8/debian/po/da.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/da.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/da.po (revision 89)
@@ -0,0 +1,97 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
+# Developers do not need to manually edit POT or PO files.
+#
+# Claus Hindsgaul <claus_h@image.dk>, 2005, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh debconf\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:44+0100\n"
+"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
+"Language-Team: Danish <dansk@klid.dk>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.1\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "lsh-serverport:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"lshd's standardport er 22. Hvis du ønsker at køre lshd på en anden port, så "
+"angiv den alternative port her. Hvis du skriver 22, skal du manuelt "
+"deaktivere eventuelle andre ssh-servere, du har kørende på port 22, udover "
+"OpenSSH (fra pakken openssh-server). OpenSSH bliver automatisk deaktiveret, "
+"hvis du skriver 22 her."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Skal sftp-undersystemet aktiveres?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Hvis du vil benytte sftp med lsh, skal du bruge dette undersystem. Du skal "
+"være klar over, at det stadig er eksperimentelt. Derfor er det som "
+"udgangspunkt deaktiveret, man kan aktiveres nu eller senere ved manuelt at "
+"rette i /etc/default/lsh-server."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Vælg om du vil benytte EKSPERIMENTEL sftp-understøttelse nu."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Fjern værtsnøglen ved udrensning?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Når denne pakke er installeret, vil der blive genereret en værtsnøgle til at "
+"autentificere din vært. Denne værtsnøgle bliver som udgangspunkt ikke "
+"slettet med resten af pakken."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr "Vælg om du ønsker at slette værtsnøglen, når pakken fjernes."
Index: 2.0.4-dfsg-8/debian/po/cs.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/cs.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/cs.po (revision 89)
@@ -0,0 +1,98 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils 2.0.1-4\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2006-01-20 18:07+0100\n"
+"Last-Translator: Martin Sin <martin.sin@seznam.cz>\n"
+"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Číslo portu lsh serveru:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"Výchozí číslo portu pro lshd je 22. Pokud si přejete spustit lshd na jiném "
+"portu, určete zde prosím jeho číslo. Pokud zadáte 22, budete muset ručně "
+"vypnout všechny ssh servery, které běží na tomto portu, kromě OpenSSH "
+"(součást balíčku `openssh-server'), které se zakáže automaticky."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Povolit podsystém sftp?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Přejete-li si používat sftp spolu s lsh, potřebujete tento podsystém. Mějte "
+"prosím na paměti, že je ještě experimentální. Z tohoto důvodu je standardně "
+"vypnut, ale nyní ho můžete povolit. Zapnout jej můžete také později pomocí "
+"úpravy souboru /etc/default/lsh-server."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+"Rozhodněte se prosím, zda nyní chcete zapnout EXPERIMENTÁLNÍ podporu sftp."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Smazat klíč hostitele při odstranění balíčku?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Při instalaci balíčku je vytvořen klíč sloužící k ověření pravosti vašeho "
+"počítače. Tento klíč není implicitně odstraněn spolu se zbytkem balíčku."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Rozhodněte se prosím, zda si při odstranění balíčku přejete smazat také "
+"tento klíč."
Index: 2.0.4-dfsg-8/debian/po/ru.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/ru.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/ru.po (revision 89)
@@ -0,0 +1,97 @@
+# translation of ru.po to Russian
+# translation of lsh-utils_2.0.1-4.2_ru.po to Russian
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
+# Developers do not need to manually edit POT or PO files.
+# Yuri Kozlov <kozlov.y@gmail.com>, 2005, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils_2.0.1-4.2_templates\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2006-01-21 16:05+0300\n"
+"Last-Translator: Yuri Kozlov <kozlov.y@gmail.com>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.9.1\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "порт сервера lsh:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"По умолчанию lshd запускается на порту 22. Если вы хотите запускать lshd на "
+"другом порту, укажите его номер здесь. Если вы зададите порт 22, то вам "
+"нужно вручную выключить любые другие ssh сервера, запущенные на порту 22, "
+"кроме OpenSSH (из пакета `openssh-server').OpenSSH будет выключен "
+"автоматически, если вы укажите порт 22."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Включить подсистему sftp?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Для работы sftp с lsh требуется подсистема sftp. Заметим, что что это пока "
+"экспериментальная версия, поэтому, по умолчанию она выключена. Её можно "
+"включить отсюда или вручную в файле /etc/default/lsh-server."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Хотите использовать ЭКСПЕРИМЕНТАЛЬНУЮ поддержку sftp?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Удалять ключ хоста при вычистке ?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"При установке пакета создаётся ключ аутентификации данного хоста. По "
+"умолчанию, данный ключ не удаляется при вычистке пакета."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr "Выберите, нужно ли удалять ключ при удалении пакета."
Index: 2.0.4-dfsg-8/debian/po/es.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/es.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/es.po (revision 89)
@@ -0,0 +1,115 @@
+# lsh-utils po-debconf translation to Spanish
+# Copyright (C) 2009 Software in the Public Interest
+# This file is distributed under the same license as the lsh-utils package.
+#
+# Changes:
+# - Initial translation
+# Shukoh <felix_os69@hotmail.com> , 2009
+#
+#
+# Traductores, si no conoce el formato PO, merece la pena leer la
+# documentación de gettext, especialmente las secciones dedicadas a este
+# formato, por ejemplo ejecutando:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Equipo de traducción al español, por favor lean antes de traducir
+# los siguientes documentos:
+#
+# - El proyecto de traducción de Debian al español
+# http://www.debian.org/intl/spanish/coordinacion
+# especialmente las notas de traducción en
+# http://www.debian.org/intl/spanish/notas
+#
+# - La guía de traducción de po's de debconf:
+# /usr/share/doc/po-debconf/README-trans
+# o http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils_2.0.4-dfsg-4\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-08 21:27+0100\n"
+"Last-Translator: Shuko <felix_os69@hotmail.com>\n"
+"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Puerto del servidor lsh:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"El puerto predeterminado para lshd es el 22. Si desea que lshd se ejecute en "
+"un puerto diferente, por favor, especifique aquí el puerto alternativo. Si "
+"usa el puerto 22, deberá deshabilitar manualmente otros servidores ssh que "
+"tenga ejecutándose en dicho puerto, excepto OpenSSH (a partir del paquete "
+"«openssh-server»). OpenSSH se deshabilitará automáticamente, si selecciona "
+"aquí 22."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "¿Desea habilitar el subsistema sftp?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Si desea utilizar sftp con lsh, necesitará este subsistema. Por favor, no "
+"olvide que aún es experimental. Por ello, se encuentra deshabilitado de "
+"forma predeterminada, pero puede habilitarlo ahora o más tarde, editando "
+"manualmente «/etc/default/lsh-server»."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+"Por favor, seleccione si desea usar ahora el soporte EXPERIMENTAL para sftp."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "¿Desea eliminar la clave del equipo al purgar?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Cuando este paquete se instala, se genera una clave para autenticar su "
+"equipo. Esta clave del equipo no se purga de forma predeterminada con el "
+"resto del paquete."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Por favor, seleccione si desea purgar la clave del equipo cuando se "
+"desinstale el paquete."
Index: 2.0.4-dfsg-8/debian/po/fr.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/fr.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/fr.po (revision 89)
@@ -0,0 +1,106 @@
+# translation of fr.po to French
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+# Christian Perrier <bubulle@debian.org>, 2005, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: fr\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2006-01-20 15:49+0100\n"
+"Last-Translator: Christian Perrier <bubulle@debian.org>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.1\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Port du serveur lsh :"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"Le port par défaut pour lshd est 22. Veuillez modifier cette valeur si vous "
+"souhaitez qu'il soit à l'écoute sur un autre port. Si vous choisissez le "
+"port 22, pensez à désactiver vous-même les autres serveurs SSH qui "
+"pourraient fonctionner sur le port 22, à part OpenSSH (du paquet « openssh-"
+"server ») qui, lui, sera désactivé automatiquement si vous choisissez le "
+"port 22."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Faut-il activer les fonctionnalités sftp ?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Si vous souhaitez utiliser sftp avec lsh, celui-ci doit être activé. "
+"Veuillez noter que la gestion de sftp est encore expérimentale. En "
+"conséquence, le service est désactivé par défaut. Cette opération peut être "
+"réalisée automatiquement. Dans le cas contraire, vous devrez modifier /etc/"
+"default/lsh-server pour l'activer."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+"Veuillez confirmer si vous souhaitez activer la gestion expérimentale de "
+"sftp."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Faut-il supprimer la clé d'hôte lors de la purge du paquet ?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Lors de l'installation de ce paquet, une clé d'hôte est générée pour "
+"permettre l'authentification de votre serveur. Par défaut, cette clé d'hôte "
+"n'est pas supprimée lorsque le paquet est complètement supprimé (purgé)."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Si vous souhaitez que la clé d'hôte soit supprimée quand le paquet est "
+"purgé, vous devriez choisir cette option."
Index: 2.0.4-dfsg-8/debian/po/de.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/de.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/de.po (revision 89)
@@ -0,0 +1,102 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2005-11-15 07:00+0100\n"
+"Last-Translator: Stefan Pfetzing <dreamind@dreamind.de>\n"
+"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-15\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Port für den lsh-Server:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"Der Standardport für lshd ist 22. Wenn Sie möchten, dann können Sie lshd "
+"auch mit einem anderen Port laufen lassen; bitte geben Sie dann den "
+"entsprechenden Port hier an. Wenn Sie Port 22 verwenden wollen, dann müssen "
+"Sie alle anderen ssh-Server, (außer OpenSSH aus dem 'openssh-server'-Paket) "
+"die Port 22 verwenden, deaktivieren. OpenSSH wird automatisch abgeschaltet "
+"wenn Sie hier 22 wählen."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Soll das sftp Subsystem aktiviert werden?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Wenn Sie sftp in Verbindung mit lsh benutzen möchten, müssen Sie dieses "
+"Subsystem aktivieren. Allerdings sollte Ihnen klar sein, dass die "
+"Unterstützung dafür noch experimentell ist. Deswegen ist die Unterstützung "
+"dafür Standardmässig deaktiviert, kann allerdings jetzt aktiviert werden "
+"oder Sie können später /etc/default/lsh-server anpassen."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+"Bitte wählen Sie, ob Sie die EXPERIMENTELLE sftp Unterstützung wünschen."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Beim Entfernen des Packetes den Hostkey löschen?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Wenn dieses Packet installiert wird, wird ein Hostkey generiert, um den "
+"Rechner zu authentifizieren. Dieser Hostkey wird beim entfernen des Packetes "
+"standardmässig nicht mit dem Rest des Packetes gelöscht."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Bitte wählen Sie, ob Sie den Hostkey beim entfernen des Packetes löschen "
+"wollen."
Index: 2.0.4-dfsg-8/debian/po/sv.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/sv.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/sv.po (revision 89)
@@ -0,0 +1,89 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils 2.0.2-1\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2006-02-06 20:24+0100\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Serverport för lsh:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"Standardport för lshd är 22. Om du vill att lshd ska köra på en annan port, "
+"ange den alternativa porten här. Om du anger 22, behöver du manuellt "
+"inaktivera eventuellt andra ssh-servrar som du har körande på port 22, "
+"förutom OpenSSH (från paketet \"openssh-server\"). OpenSSH kommer att "
+"inaktiveras automatiskt, om du väljer 22 här."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Aktivera sftp-undersystemet?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Om du vill använda sftp med lsh, behöver du detta undersystem. Tänk på att "
+"det fortfarande är experimentellt. Därför är det inaktiverat som standard "
+"men kan aktiveras nu eller senare manuellt genom att ändra /etc/default/lsh-"
+"server."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Välj om du vill använda stödet för den EXPERIMENTELLA sftp nu."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Ta bort värdnyckel vid avinstallation?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"När detta paket installeras, genereras en värdnyckel för att autentisera "
+"ditt värdsystem. Denna värdnyckel tas som standard inte bort med resten av "
+"paketet."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr "Välj om du vill ta bort värdnyckeln när paketet tas bort."
Index: 2.0.4-dfsg-8/debian/po/nl.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/nl.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/nl.po (revision 89)
@@ -0,0 +1,99 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils 2.0.1cdbs-4\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:44+0100\n"
+"Last-Translator: Luk Claes <luk@debian.org>\n"
+"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "lsh-serverpoort:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"De standaardpoort voor lshd is 22. Als u wilt dat lshd draait op een andere "
+"poort, specificeer deze alternatieve poort dan hier. Als u 22 aangeeft, dan "
+"zult u andere ssh-servers die draaien op poort 22 verschillend van OpenSSH "
+"(uit het `openssh-server'-pakket) handmatig moeten uitschakelen. OpenSSH zal "
+"automatisch uigeschakeld worden als u hier 22 kiest."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Het sftp-subsysteem aanschakelen?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Als u sftp wilt gebruiken met lsh, dan zal u dit subsysteem nodig hebben. "
+"Merk echter op dat het nog altijd experimenteel is. Daarom wordt het "
+"standaard uitgeschakeld, maar kan het nu of later worden aangeschakeld door /"
+"etc/default/lsh-server handmatig te bewerken."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Kies nu of u de EXPERIMENTELE sftp-ondersteuning wilt gebruiken."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Host-sleutel verwijderen bij wissen (purge)?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Wanneer dit pakket wordt geïnstalleerd, wordt er een host-sleutel aangemaakt "
+"om uw computer te authenticeren. Deze host-sleutel wordt standaard niet "
+"verwijderd met de rest van het pakket."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"Kies of u de host-sleutel wilt verwijderen wanneer het pakket wordt "
+"verwijderd."
Index: 2.0.4-dfsg-8/debian/po/ja.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/ja.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/ja.po (revision 89)
@@ -0,0 +1,98 @@
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+#
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+# Developers do not need to manually edit POT or PO files.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils 2.0.4-dfsg-4\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:25+0100\n"
+"Last-Translator: Hideki Yamane (Debian-JP) <henrich@debian.or.jp>\n"
+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "lsh サーバのポート番号:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"lshd のデフォルトのポート番号は 22 番です。別のポートで lshd を動作させたい場"
+"合は、ここで別のポートを指定してください。22 番を指定した場合は、同じポート番"
+"号で動作する (openssh-server パッケージの) OpenSSH 以外の ssh サーバを手動で"
+"無効にする必要があります。ポート 22 番を選択した場合、OpenSSH は自動的に無効"
+"に設定されます。"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "sftp サブシステムを有効にしますか?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"lsh で sftp を使いたい場合は、このサブシステムを有効にする必要があります。覚"
+"えていてほしいのですが、これはまだ実験的なものです。そのためデフォルトでは無"
+"効になっていますが、今すぐ有効にすることもできますし、あるいは後ほど手動で /"
+"etc/default/lsh-server を変更して有効にもできます。"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "「実験的な」sftp サポートを使うかどうかを選んでください。"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "完全削除 (purge) 時にホスト鍵を削除しますか?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"このパッケージがインストールされる際、ホストを認証するためのホスト鍵が生成さ"
+"れます。このホスト鍵はデフォルトではパッケージの他のファイルと一緒に削除され"
+"ません。"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr ""
+"パッケージが削除される際にホスト鍵も完全に削除するかどうかを選んでください。"
Index: 2.0.4-dfsg-8/debian/po/nn.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/nn.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/nn.po (revision 89)
@@ -0,0 +1,88 @@
+# translation of lsh-utils.po to Norwegian (Nynorsk)
+#
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
+# Developers do not need to manually edit POT or PO files.
+# Håvard Korsvoll <korsvoll@skulelinux.no>, 2005.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils_nn\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:53+0100\n"
+"Last-Translator: Håvard Korsvoll <korsvoll@skulelinux.no>\n"
+"Language-Team: Norwegian (Nynorsk) <i18n-nn@lister.ping.uio.no>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.9.1\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "lsh tenarport:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+#, fuzzy
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr "Standardport for lshd er 22. Viss du vil la lshd køyre på ein anna port, oppgje den alternative porten her. Viss du oppgjev 22, må du manuelt slå av andre ssh-tenarar du køyrer på port 22, andre enn OpenSSH (frå ssh-pakka), og du vil bli spurd om du vil bruke lshd sin eigenskap til å vidarekople ssh for å la ssh1 fungere som normalt."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Fjern vertsnøkkel ved utreinsking?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr "Når denne pakka blir installert, vil ein vertsnøkkel bli laga for å autentisere verten. Denne vertsnøkkelen blir ikkje fjerna saman med resten av pakka som standard."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+#, fuzzy
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr "Viss du vil fjerna han saman med pakka når den blir fjerna så må du oppgje det her."
Index: 2.0.4-dfsg-8/debian/po/vi.po
===================================================================
--- 2.0.4-dfsg-8/debian/po/vi.po (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/vi.po (revision 89)
@@ -0,0 +1,89 @@
+# Vietnamese Translation for lsh-utils.
+# Copyright © 2005-2006 Free Software Foundation, Inc.
+# Clytie Siddall <clytie@riverland.net.au>, 2005-2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: lsh-utils 2.0.1-4\n"
+"Report-Msgid-Bugs-To: lsh-utils@packages.debian.org\n"
+"POT-Creation-Date: 2009-11-28 17:05+0100\n"
+"PO-Revision-Date: 2009-11-28 17:43+0100\n"
+"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
+"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0\n"
+"X-Generator: LocFactoryEditor 1.6b31\n"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid "lsh server port:"
+msgstr "Cổng máy phục vụ « lsh »:"
+
+#. Type: string
+#. Description
+#: ../lsh-server.templates:1001
+msgid ""
+"The default port for lshd is 22. If you would like lshd to run on a "
+"different port, please specify the alternative port here. If you specify 22, "
+"you will need to manually disable any other ssh servers you have running on "
+"port 22, other than OpenSSH (from the `openssh-server' package). OpenSSH "
+"will be automatically disabled, if you choose 22 here."
+msgstr ""
+"Cổng mặc định cho trình nền lshd là 22. Nếu bạn muốn trình nền lshd chạy "
+"trong một cổng khác, hãy ghi rõ cổng đó vào đây. Nếu bạn ghi rõ cổng 22 thì "
+"sẽ phải tự tắt máy phục vụ SSH nào đang chạy trên cổng 22, khác với OpenSSH, "
+"(từ gói « openssh-server »). Nếu bạn chọn cổng 22 ở đây, OpenSSH sẽ bị tắt "
+"tự động."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid "Enable the sftp subsystem?"
+msgstr "Bật hệ thống con SFTP không?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"If you want to use sftp with lsh, you will need this subsystem. Please bear "
+"in mind, that it's still experimental. Therefore the default is disabled "
+"but can be enabled now or later by manually changing /etc/default/lsh-server."
+msgstr ""
+"Nếu bạn muốn sử dụng SFTP cùng với lsh, bạn sẽ cần có hệ thống con này. Hãy "
+"ghi chú rằng nó vấn còn dựa trên thí nghiệm, thì giá trị mặc định bị tắt. "
+"Tuy nhiên, bạn có thể bật nó, hoặc bây giờ hoặc sau này, bằng tự sửa đổi </"
+"etc/default/lsh-server>."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:2001
+msgid ""
+"Please choose whether you want to use the EXPERIMENTAL sftp support now."
+msgstr "Bạn có muốn sử dụng cách hỗ trợ SFTP _thực nghiệm_ không?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid "Remove host key on purge?"
+msgstr "Gỡ bỏ khóa máy khi tẩy không?"
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"When this package is installed, a host key is generated to authenticate your "
+"host. This host key is not purged with the rest of the package by default."
+msgstr ""
+"Khi cài đặt gói này, cũng tạo ra một khóa máy chủ, để xác thực máy của bạn. "
+"Mặc định là khóa máy này không bị tẩy cùng với các phần gói khác."
+
+#. Type: boolean
+#. Description
+#: ../lsh-server.templates:3001
+msgid ""
+"Please choose whether you want to purge the host key when the package is "
+"removed."
+msgstr "Hãy chọn có nên tẩy khóa máy chủ khi gói được gỡ bỏ hay không."
Index: 2.0.4-dfsg-8/debian/po/POTFILES.in
===================================================================
--- 2.0.4-dfsg-8/debian/po/POTFILES.in (nonexistent)
+++ 2.0.4-dfsg-8/debian/po/POTFILES.in (revision 89)
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] lsh-server.templates
Index: 2.0.4-dfsg-8/debian/mans/lcp.1
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lcp.1 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lcp.1 (revision 89)
@@ -0,0 +1,73 @@
+.\" -*- nroff -*-
+.\"
+.\" lcp.1
+.\"
+.Dd November 8, 2005
+.Dt LCP 1
+.Os
+.Sh NAME
+.Nm lcp
+.Nd Secure remote file copy
+.Sh SYNOPSIS
+.Nm lcp
+.Bk -words
+.Op Fl fvn
+.Sm off
+.Oo
+.Op Ar user No @
+.Ar host1 No :
+.Oc Ns Ar file1
+.Sm on
+.Sm off
+.Oo
+.Op Ar user No @
+.Ar host2 No :
+.Oc Ar file2
+.Sm on
+.Ek
+.\"
+.Sh DESCRIPTION
+.Nm
+is a program that securely copies files between two hosts on a
+network. This is intended as a secure replacement for
+.Xr rcp 1 .
+Note
+that both the source and the destination can be on remote machines.
+.\"
+.Sh OPTIONS
+Available options:
+.\"
+.Bl -tag -width Ds
+.It Fl \-help
+Show summary of options.
+.It Fl f, \-force
+Overwrite existing files.
+.It Fl v, \-version
+Display commands before they are executed.
+.It Fl n, \-dry\-run
+Don't execute any commands. Implies -v.
+.El
+.\"
+.\"
+.Sh ENVIRONMENT
+.Bl -tag -width ".Ev LSFTP_RSH"
+.It Ev LSFTP_RSH
+The program to use for the SSH tunnel. If the variable is not set, lcp
+defaults to using lsh.
+.El
+.\"
+.Sh "REPORTING BUGS"
+Report bugs to <bug-lsh@gnu.org>.
+.\"
+.Sh AUTHOR
+The lsh program suite is written mainly by Niels M\[:o]ller <nisse@lysator.liu.se>.
+.\"
+This man-page was written for
+the Debian GNU/Linux system by Charles Fry <debian@frogcircus.org>.
+.\"
+.Sh "SEE ALSO"
+.Xr rcp 1 ,
+.Xr scp 1 ,
+.Xr lsftp 1 ,
+.Xr lsh 1 ,
+.Xr lshd 8
Index: 2.0.4-dfsg-8/debian/mans/lsh-execuv.8
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lsh-execuv.8 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lsh-execuv.8 (revision 89)
@@ -0,0 +1,70 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH LSH-EXECUV 8 "Jul 05 2002" lsh-execuv "lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+lsh-execuv \- program to securely execute a program as another user
+.SH SYNOPSIS
+.B lsh-execuv
+.RI [ options ] " program " [ -- ] " real-argv"
+.SH DESCRIPTION
+This manual page documents briefly the
+.B lsh-execuv
+command.
+This manual page was written for the Debian distribution
+because the original program does not have a manual page.
+.PP
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBlsh-execuv\fP is a utility program for the lsh server that securely executes
+a program as a different user.
+another user.
+.SH OPTIONS
+A summary of options is included below.
+.TP
+.B \-u \fIuid\fP
+setuid to numeric \fIuid\fP before running \fIprogram\fP. Usernames are
+not supported, only numeric uids.
+.TP
+.B \-g \fIgid\fP
+setgid to numeric \fIgid\fP before running \fIprogram\fP. Group names are
+not supported, only numeric gids.
+.TP
+.B \-n \fIuser-name\fP
+User name, needed for initgroups
+.TP
+.B \-i
+Call initgroups, requires that -n \fIuser-name\fP be specified.
+.TP
+.B \-c
+Clear the list of supplimentary groups.
+.TP
+.B \-p
+Use $PATH variable to search for program.
+.TP
+.B \-?
+Show summary of options.
+.SH SEE ALSO
+.BR lsh (1),
+.BR lshd (8).
+.BR
+The programs are documented fully by
+.IR "Lsh" ,
+available via the Info system.
+.SH AUTHOR
+This manual page was written by Timshel Knoll <timshel@debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/mans/lsh-pam-checkpw.8
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lsh-pam-checkpw.8 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lsh-pam-checkpw.8 (revision 89)
@@ -0,0 +1,53 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH LSH-PAM-CHECKPW 8 "Jul 05 2002" lsh-pam-checkpw "lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+lsh-pam-checkpw \- program to check a PAM username/password combination
+.SH SYNOPSIS
+.B lsh-pam-checkpw
+.RI username-to-check
+.SH DESCRIPTION
+This manual page documents briefly the
+.B lsh-pam-checkpw
+command.
+This manual page was written for the Debian distribution
+because the original program does not have a manual page.
+Instead, it has documentation in the GNU Info format; see below.
+.PP
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBlsh-pam-checkpw\fP is a program that checks if a username and password
+combination is valid for login by doing a PAM lookup. It is designed to be
+used as a password helper program for \fBlshd (8)\fP, (eg.
+\fB\-\-password\-helper=/usr/sbin/lsh-pam-checkpw\fP.
+.PP
+.B lsh-pam-checkpw
+takes one required argument, which is the username, and reads the password from
+stdin, then returns 0 if the password is valid, or 1 otherwise. Note that the
+password must be supplied exactly, ie. there must be no newline after the
+password, so if invoking from a shell, just type "<your-password><CTRL-D>".
+.SH SEE ALSO
+.BR lsh (1),
+.BR lshd (8).
+.BR
+The programs are documented fully by
+.IR "Lsh" ,
+available via the Info system.
+.SH AUTHOR
+This manual page was written by Timshel Knoll <timshel@debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/mans/lsh-export-key.1
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lsh-export-key.1 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lsh-export-key.1 (revision 89)
@@ -0,0 +1,77 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH LSH-EXPORT-KEY 1 "Apr 19, 2002" lsh-export-key "lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+lsh-export-key \- Converts an s-expression to the OpenSSH/SSH2 encoding format.
+.SH SYNOPSIS
+.B lsh-export-key
+.RI [ options ]
+.SH DESCRIPTION
+\fBlsh-export-key\fP is a utility which reads an s-expression on stdin,
+and writes the same s-expression to stdout, using the OpenSSH/SSH2
+encoding format.
+.SH OPTIONS
+These programs follow the usual GNU command line syntax, with long
+options starting with two dashes (`-').
+A summary of options is included below.
+.TP
+.B \-c, \-\-comment=\fIcomment\fP
+Adds \fIcomment\fP to output key as its comment
+.TP
+.B \-o, \-\-output\-file=\fIfilename\fP
+Write output key to \fIfilename\fP, default is stdout
+.TP
+.B \-r, \-\-input\-file=\fIfilename\fP
+Read input key from \fIfilename\fP, default is stdin
+.TP
+.B \-s, \-\-subject=\fIsubject\fP
+Adds \fIsubject\fP to the output key as its subject
+.TP
+.B \-\-debug
+Prints huge amounts of debug information
+.TP
+.B \-q, \-\-quiet
+Suppress all warnings and diagnostic messages
+.TP
+.B \-\-trace
+Detailed program trace
+.TP
+.B \-\-verbose
+verbose diagnostic messages
+.TP
+.B \-i, \-\-input\-format=\fIformat\fP
+Input is in the \fIformat\fP variant of s-expression syntax, \fIformat\fP must
+be one of "transport", "canonical", "advanced" or "international"
+.TP
+.B \-?, \-\-help
+Show summary of options
+.TP
+.B \-\-usage
+Prints a short usage message
+.TP
+.B \-V, \-\-version
+Prints the program version
+.SH SEE ALSO
+.BR lsh (1),
+.BR lshd (8),
+.BR sexp-conv (1),
+.BR ssh-conv (1),
+.BR lsh-decode-key (1).
+.br
+.SH AUTHOR
+This manual page was written by Timshel Knoll <timshel@debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/mans/lsh-krb-checkpw.8
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lsh-krb-checkpw.8 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lsh-krb-checkpw.8 (revision 89)
@@ -0,0 +1,53 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH LSH-KRB-CHECKPW 8 "Nov 15 2005" lsh-krb-checkpw "lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+lsh-krb-checkpw \- program to check a Kerberos username/password combination
+.SH SYNOPSIS
+.B lsh-krb-checkpw
+.RI username-to-check
+.SH DESCRIPTION
+This manual page documents briefly the
+.B lsh-krb-checkpw
+command.
+This manual page was written for the Debian distribution
+because the original program does not have a manual page.
+Instead, it has documentation in the GNU Info format; see below.
+.PP
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBlsh-krb-checkpw\fP is a program that checks if a username and password
+combination is valid for login by doing a kerberos lookup. It is designed to be
+used as a password helper program for \fBlshd (8)\fP, (eg.
+\fB\-\-password\-helper=/usr/sbin/lsh-krb-checkpw\fP.
+.PP
+.B lsh-krb-checkpw
+takes one required argument, which is the username, and reads the password from
+stdin, then returns 0 if the password is valid, or 1 otherwise. Note that the
+password must be supplied exactly, ie. there must be no newline after the
+password, so if invoking from a shell, just type "<your-password><CTRL-D>".
+.SH SEE ALSO
+.BR lsh (1),
+.BR lshd (8).
+.BR
+The programs are documented fully by
+.IR "Lsh" ,
+available via the Info system.
+.SH AUTHOR
+This manual page was written by Timshel Knoll <timshel@debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/mans/lsh_proxy.8
===================================================================
--- 2.0.4-dfsg-8/debian/mans/lsh_proxy.8 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/lsh_proxy.8 (revision 89)
@@ -0,0 +1,129 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH LSH_PROXY 1 "Apr 19, 2000" lsh_proxy "Lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+lsh_proxy \- Server for the ssh-2 protocol.
+.SH SYNOPSIS
+.B lsh_proxy
+.RI [ options ]
+.SH DESCRIPTION
+This manual page documents briefly the
+.B lsh_proxy
+command.
+.SH OPTIONS
+These programs follow the usual GNU command line syntax, with long
+options starting with two dashes (`-').
+A summary of options is included below.
+For a complete description, see the Info files.
+.TP
+.B \-D, \-\-destination=\fIdestination:port\fP
+Destination ssh server address (transparent if not given).
+.TP
+.B \-h, \-\-host\-key=\fIkey\-file\fP
+Location of the server's public key.
+.TP
+.B \-\-interface=\fIinterface\fP
+Listen on this network interface.
+.TP
+.B \-\-no\-tcp\-forward
+Disable TCP/IP forwarding.
+.TP
+.B \-p, \-\-port=\fIport\fP
+Listen on this port.
+.TP
+.B \-\-tcp\-forward
+Enable TCP/IP forwarding (default).
+.TP
+.B \-c, \-\-crypto=\fIcrypto\-algorithm\fP
+The crypto algorithm to use. Supported types of \fIcrypto\-algorithm\fP (in
+order of preference) are "3des-cbc", "twofish-cbc", "cast128-cbc",
+"serpent-cbc@lysator.liu.se", "rijndael@lysator.liu.se", "blowfish-cbc",
+"arcfour", "none". The default is to use triple-DES in CBC mode ("3des-cbc").
+You may also specify "all" to enable all supported crypto
+algorithms (except "none").
+.TP
+.B \-\-hostkey\-algorithm=\fIhostkey\-algorithm\fP
+The hostkey algorithm to use. Supported types of \fIhostkey\-algorithm\fP (in
+order of preference) are "ssh-dss", "spki", "none".
+.TP
+.B \-m, \-\-mac=\fImac\-algorithm\fP
+The MAC (message authentication) algorithm to use. Supported types of
+\fImac\-algorithm\fP (in order of preference) are "hmac-sha1", "hmac-md5",
+"none".
+.TP
+.B \-z, \-\-compression[=\fIcompression\-algorithm\fP]
+The compression algorithm to use. Supported types of
+\fIcompression\-algorithm\fP are "none", "zlib". The default preference list
+supports zlib compression, but prefers not to use it. If \-z or \-\-compression
+is specified with no argument, the compression algorithm list is changed to
+"zlib", "none", which means that zlib is the preferred method of compression.
+A somewhat unobvious consequence of -z having an optional argument is that if
+you provide an argument, it must follow directly after the option letter, no
+spaces allowed.
+.TP
+.B \-\-list\-algorithms
+List supported crypto, compression, MAC and hostkey algorithms.
+.TP
+.B \-i, \-\-input\-format=\fIformat\fP
+Accept S-expressions of format \fIformat\fP.
+.TP
+.B \-\-daemonic
+Run in the background, redirect stdio to /dev/null, chdir to /.
+.TP
+.B \-\-enable\-core
+Dump core on fatal errors (disabled by default).
+.TP
+.B \-\-no\-daemonic
+Run in the foreground, with messages to stderr (default).
+.TP
+.B \-\-no\-pid\-file
+Don't use any pid file. Default in non-daemonic mode.
+.TP
+.B \-\-pid\-file=\fIpid\-file\fP
+Create pid file \fIpid\-file\fP. When running in daemonic mode, the default is
+/var/run/lsh_proxy.pid.
+.TP
+.B \-\-debug
+Print huge amounts of debug information.
+.TP
+.B \-q, \-\-quiet
+Suppress all warnings and diagnostic messages.
+.TP
+.B \-\-trace
+Print a detailed program trace.
+.TP
+.B \-\-verbose
+Print verbose diagnostic messages.
+.TP
+.B \-?, \-\-help
+Show summary of options.
+.TP
+.B \-\-usage
+Give a short usage message.
+.TP
+.B \-V, \-\-version
+Show version of program.
+.SH SEE ALSO
+.BR lsh (1).
+.BR lshd (8)
+.BR
+The programs are documented fully by
+.IR "Lsh" ,
+available via the Info system.
+.SH AUTHOR
+This manual page was written by Robert Bihlmeyer <robbe@orcus.priv.at>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/mans/srp-gen.1
===================================================================
--- 2.0.4-dfsg-8/debian/mans/srp-gen.1 (nonexistent)
+++ 2.0.4-dfsg-8/debian/mans/srp-gen.1 (revision 89)
@@ -0,0 +1,90 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH SRP-GEN 1 "Apr 10, 2002" srp-gen "lsh manuals"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+srp-gen \- generate a password verifier for the SRP protocol.
+.SH SYNOPSIS
+.B srp-gen
+.RI [ options ]
+.SH DESCRIPTION
+This manual page documents briefly the
+.B srp-gen
+command.
+This manual page was written for the Debian GNU/Linux distribution
+because the original program does not have a manual page.
+Instead, it has documentation in the GNU Info format; see below.
+.PP
+.\" TeX users may be more comfortable with the \fB<whatever>\fP and
+.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBsrp-gen\fP is a program that generates a password verifier for the Secure
+Remote Password protocol. The password verifier should be stored as
+~/.lsh/srp-verifier on the target (remote) machine on which you want to
+authenticate using SRP.
+
+For more information about SRP, see the "srp" node of the "Getting started"
+section of the Lsh manual available via the info system.
+.SH OPTIONS
+This program follows the usual GNU command line syntax, with long
+options starting with two dashes (`-').
+A summary of options is included below.
+For a complete description, see the Info files.
+.TP
+.B \-l, \-\-user=\fIusername\fP
+User name.
+.TP
+.B \-o, \-\-output\-file=\fIfilename\fP
+The file to output to. Default is to output to stdout.
+.TP
+.B \-p, \-\-password=\fIpassword\fP
+The password to use.
+.TP
+.B \-\-debug
+Print lots of debug information.
+.TP
+.B \-q, \-\-quiet
+Suppress all warnings and diagnostic messages.
+.TP
+.B \-\-trace
+Detailed trace.
+.TP
+.B \-v, \-\-verbose
+Print verbose diagnostic messages.
+.TP
+.B \-f, \-\-output\-format=format
+The S-expression output format. Valid sexp formats are: transport, canonical,
+advanced and international.
+.TP
+.B \-?, \-\-help
+Show summary of options.
+.TP
+.B \-\-usage
+Show a short usage message.
+.TP
+.B \-V, \-\-version
+Show version of program.
+.SH SEE ALSO
+.BR lsh (1),
+.BR lshd (1),
+.BR sexp-conv (1).
+.br
+The lsh programs (including this one) are documented fully by
+.IR "Lsh" ,
+available via the Info system.
+.SH AUTHOR
+This manual page was written by Timshel Knoll <timshel@debian.org>,
+for the Debian GNU/Linux system (but may be used by others).
Index: 2.0.4-dfsg-8/debian/copyright
===================================================================
--- 2.0.4-dfsg-8/debian/copyright (nonexistent)
+++ 2.0.4-dfsg-8/debian/copyright (revision 89)
@@ -0,0 +1,45 @@
+This package was debianized by Timshel Knoll <timshel@debian.org> on
+Thu, 25 May 2000 13:13:39 +1000. Package based on initial work by
+Robert Bihlmeyer <robbe@orcus.priv.at>
+
+It was downloaded from ftp://ftp.lysator.liu.se/pub/security/lsh/
+
+The original upstream tarball has been repacked because it bundles
+Nettle 1.14 (actually a snapshot between 1.14 and 1.15), which
+contains a non-free RFC.
+
+Upstream Authors: Niels Möller <nisse@lysator.liu.se>
+ Balázs Scheidler
+ Many others, too numerous to list here. See the file
+ `/usr/share/doc/lsh-utils/AUTHORS' for a more complete list of
+ the authors and licenses the of various lsh components.
+
+Copyright:
+
+ Copyright (C) 1999 Niels Möller
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
+
+Some of the components of lsh are licensed under the GNU Lesser
+General Public License (LGPL) which can be found (on Debian GNU
+systems) in the file `/usr/share/common-licenses/LGPL'
+
+Other components of lsh are from the public domain. For a more
+complete list of the authors and licenses of various components
+within lsh, see the file `/usr/share/doc/lsh-utils/AUTHORS'
+
+The Debian patch debian/patches/blacklist.dpatch contains code from
+the openssh package, apparently written by Colin Watson (cjwatson) and
+released under a BSD license.
Index: 2.0.4-dfsg-8/debian/lsh-server.init.d
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.init.d (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.init.d (revision 89)
@@ -0,0 +1,82 @@
+#!/bin/sh
+#
+# lsh-utils Start/stop secure shell server.
+# Written by Timshel Knoll <timshel@debian.org>
+# Updated by Stefan Pfetzing <dreamind@dreamind.de>
+# Updated by Magnus Holmgren <magnus@debian.org>
+
+### BEGIN INIT INFO
+# Provides: lsh-server
+# Required-Start: $local_fs $remote_fs $syslog $named $network
+# Required-Stop: $local_fs $remote_fs $syslog $named $network
+# X-Start-Before: cman drbd smokeping vz
+# X-Stop-After: cman drbd smokeping vz
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: lsh secure shell server
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/lshd
+NAME=lshd
+DESC="secure shell v2 server"
+CONFIG=/etc/default/lsh-server
+PIDFILE=/var/run/$NAME.pid
+
+RANDOM_SEED="/var/spool/lsh/yarrow-seed-file"
+HOST_KEY="/etc/lsh_host_key"
+
+test -f $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+set +e
+
+if [ -r "$CONFIG" ]; then
+ . "$CONFIG"
+fi
+
+if [ x"$LSHD_PORT" = x ]; then
+ LSHD_PORT="22"
+fi
+
+case "$ENABLE_SFTP" in
+ true|y*|Y*)
+ SFTP_FLAG="--subsystems sftp=/usr/lib/lsh-server/sftp-server"
+ ;;
+ *)
+ SFTP_FLAG=""
+ ;;
+esac
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON \
+ -- --daemonic --port "$LSHD_PORT" $SFTP_FLAG
+ log_end_msg $?
+ ;;
+ stop|graceful-stop)
+ log_daemon_msg "Gracefully stopping $DESC" "$NAME"
+ # Signal 1 causes the "old" lsh to close up shop on its port, but
+ # keeps running until all active connections have been closed
+ start-stop-daemon --stop --retry HUP/1 --quiet --pidfile $PIDFILE \
+ --oknodo --exec $DAEMON
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ start-stop-daemon --stop --retry HUP/1 --quiet --pidfile $PIDFILE \
+ --oknodo --exec $DAEMON &&
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
+ -- --daemonic --port "$LSHD_PORT" $SFTP_FLAG
+ log_end_msg $?
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/lsh-utils {start|stop|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
Index: 2.0.4-dfsg-8/debian/lsh-server.manpages
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.manpages (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.manpages (revision 89)
@@ -0,0 +1,5 @@
+debian/mans/lsh-execuv.8
+debian/mans/lsh-pam-checkpw.8
+debian/mans/lsh-krb-checkpw.8
+doc/lshd.8
+src/sftp/sftp-server.8*
Index: 2.0.4-dfsg-8/debian/lsh-server.install
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.install (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.install (revision 89)
@@ -0,0 +1,5 @@
+usr/sbin/lshd
+usr/sbin/lsh-execuv
+usr/sbin/lsh-krb-checkpw
+usr/sbin/lsh-pam-checkpw
+usr/sbin/sftp-server usr/lib/lsh-server
Index: 2.0.4-dfsg-8/debian/lsh-doc.docs
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-doc.docs (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-doc.docs (revision 89)
@@ -0,0 +1,11 @@
+FAQ
+NEWS
+ANNOUNCE
+ChangeLog.1
+doc/HACKING
+doc/NOTES
+doc/PORTS
+doc/TASKLIST
+doc/TODO
+doc/configuration.txt
+doc/lsh.html
Index: 2.0.4-dfsg-8/debian/watch
===================================================================
--- 2.0.4-dfsg-8/debian/watch (nonexistent)
+++ 2.0.4-dfsg-8/debian/watch (revision 89)
@@ -0,0 +1,5 @@
+# use the newest watch file format.
+version=3
+# Site+Directory Pattern Version Script
+opts=dversionmangle=s/-dfsg$// \
+ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-([^-]*)\.tar\.gz debian uupdate
Index: 2.0.4-dfsg-8/debian/lsh-doc.info
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-doc.info (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-doc.info (revision 89)
@@ -0,0 +1 @@
+doc/lsh.info
Index: 2.0.4-dfsg-8/debian/lsh-doc.manpages
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-doc.manpages (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-doc.manpages (revision 89)
@@ -0,0 +1 @@
+doc/*.5
Index: 2.0.4-dfsg-8/debian/lsh-utils.install
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-utils.install (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-utils.install (revision 89)
@@ -0,0 +1,11 @@
+usr/bin/lsh-authorize
+usr/bin/lsh-decode-key
+usr/bin/lsh-decrypt-key
+usr/bin/lsh-export-key
+usr/bin/lsh-keygen
+usr/bin/lsh-make-seed
+usr/bin/lsh-upgrade
+usr/bin/lsh-upgrade-key
+usr/bin/lsh-writekey
+usr/bin/srp-gen
+usr/bin/ssh-conv
Index: 2.0.4-dfsg-8/debian/lsh-client.manpages
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-client.manpages (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-client.manpages (revision 89)
@@ -0,0 +1,4 @@
+debian/mans/lcp.1
+doc/lsh.1
+doc/lshg.1
+src/sftp/lsftp.1
Index: 2.0.4-dfsg-8/debian/lsh-doc.install
===================================================================
Index: 2.0.4-dfsg-8/debian/lsh-client.install
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-client.install (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-client.install (revision 89)
@@ -0,0 +1,4 @@
+usr/bin/lsh
+usr/bin/lshg
+usr/bin/lcp
+usr/bin/lsftp
Index: 2.0.4-dfsg-8/debian/lsh-utils.docs
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-utils.docs (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-utils.docs (revision 89)
@@ -0,0 +1 @@
+AUTHORS
Index: 2.0.4-dfsg-8/debian/lsh-utils.manpages
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-utils.manpages (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-utils.manpages (revision 89)
@@ -0,0 +1,11 @@
+debian/mans/srp-gen.1
+doc/lsh-authorize.1
+doc/lsh-decode-key.1
+doc/lsh-decrypt-key.1
+doc/lsh-export-key.1
+doc/lsh-keygen.1
+doc/lsh-make-seed.1
+doc/lsh-upgrade.1
+doc/lsh-upgrade-key.1
+doc/lsh-writekey.1
+doc/ssh-conv.1
Index: 2.0.4-dfsg-8/debian/README.Debian
===================================================================
--- 2.0.4-dfsg-8/debian/README.Debian (nonexistent)
+++ 2.0.4-dfsg-8/debian/README.Debian (revision 89)
@@ -0,0 +1,42 @@
+lsh-utils for Debian
+--------------------
+
+Versions of lsh since 1.3.6 have required a random seed file for both the
+server and the client (one for each user in the latter case). These random
+seeds will be automatically generated when the lsh-server is started for the
+first time.
+
+As an alternative, you can of course use the old way to have the seed
+generated. For this you need the lsh-utils package installed. After removing
+the automatically generated seed (/var/spool/lsh/yarrow-seed-file) you have to
+run "lsh-make-seed --server" (as root) to generate the random seed.
+
+For security reasons (otherwise the timing information will be broken) this
+needs to be run from a local console.
+
+Using the lsh-client
+--------------------
+
+To use the lsh client, all a user needs to do is run lsh-make-seed and type
+the necessary data. lsh-make-seed stores user's random seed files in
+~/.lsh/yarrow-seed-file.
+
+By default, the host key is captured to ~/.lsh/captured_keys - you need to put
+the appropriate key in ~/.lsh/known_hosts. This is best achieved by:
+
+lsh --sloppy-host-authentication --capture-to=~/.lsh/known_hosts <host>
+
+Some notes about the sftp-server
+--------------------------------
+
+The used sftp-server has been placed in /usr/lib/lsh-server, analoguously
+with openssh-server. Our manpage is in the special section 8lsh, to avoid
+conflict with the corresponding manpage in said package.
+
+Credits
+-------
+
+This package is based on work by Robert Bihlmeyer <robbe@orcus.priv.at> and
+Timshel Knoll <timshel@debian.org>.
+
+ -- Magnus Holmgren <magnus@kibibyte.se>, Wed, 3 Oct 2007 20:56:36 +0200
Index: 2.0.4-dfsg-8/debian/lsh-server.config
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.config (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.config (revision 89)
@@ -0,0 +1,109 @@
+#!/usr/bin/perl -w
+#
+# debconf config script for lsh-server
+#
+# Copyright (c) 2000, 2001, 2002 Timshel Knoll <timshel@debian.org>
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# On Debian systems, see /usr/share/common-licenses/GPL for the GNU GPL.
+#
+use strict;
+use Debconf::Client::ConfModule ':all';
+
+
+sub ask_whether_to_purge_hostkey {
+ &input ("medium", "lsh-server/purge_hostkey");
+ my @ret = &go ();
+
+ return ($ret[0] == 30 ? -1 : 1);
+}
+
+
+sub get_lshd_port {
+ &input ("medium", "lsh-server/lshd_port");
+ my @ret = &go ();
+
+ my $port = &get ("lsh-server/lshd_port");
+
+ if ($port and $port !~ m/^\d+$/) {
+ $port = (getservbyname ($port, "tcp"))[2];
+ }
+
+ unless ($port) {
+ # invalid service entered: wasn't a number, and
+ # getservbyname failed, try again ...
+ # FIXME: try putting some sort of error message here?
+ &reset ("lsh-server/lshd_port");
+ return 0;
+ }
+
+ return ($ret[0] == 30 ? -1 : 1);
+}
+
+
+
+sub ask_whether_to_enable_sftp {
+ &input ("medium", "lsh-server/sftp");
+ my @ret = &go ();
+
+ return ($ret[0] == 30 ? -1 : 1);
+}
+
+
+sub configure () {
+ my $state = 0;
+
+ # The list of things to do, in order
+ # Aren't really long, descriptive function names fun ;-)
+ my @states = (
+ \&ask_whether_to_purge_hostkey,
+ \&get_lshd_port,
+ \&ask_whether_to_enable_sftp
+ );
+
+ # This is 1 or -1, depending on whether we're going forward or backward
+ # Required because otherwise when we back up to a question doesn't need
+ # to be asked, the engine will go forward again :-(
+ my $step = 1;
+
+ until ($state > $#states) {
+ if ($state < 0) {
+ $state = 0;
+ # We may have got here because of "backing up" to a question which
+ # was skipped, so make sure we're going forward from here to avoid
+ # an infinite loop
+ $step = 1;
+ }
+
+ $step = &{ $states[$state] } ($step);
+
+ $state += $step;
+ }
+}
+
+
+
+die "Syntax error: no argument" if (@ARGV <= 0);
+
+version ('2.0');
+
+my $capb = &capb ('backup');
+
+if ($ARGV[0] eq "configure" || $ARGV[0] eq "reconfigure") {
+ &configure ();
+}
+
+
+
Index: 2.0.4-dfsg-8/debian/NEWS
===================================================================
--- 2.0.4-dfsg-8/debian/NEWS (nonexistent)
+++ 2.0.4-dfsg-8/debian/NEWS (revision 89)
@@ -0,0 +1,26 @@
+lsh-utils (2.0.1cdbs-4) unstable; urgency=low
+
+ lsh-server now automatically generates it's random seed file, if it's not
+ already existant.
+
+ I personally don't see a reason for the lsh-make-seed command, the
+ lsh-server init script now uses dd to get 32 bytes of random data out of
+ /dev/random.
+
+ If thats not ok to you, feel free to use lsh-make-seed instead and have
+ /var/spool/lsh/yarrow-seed-file regenerated.
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Thu, 19 Jan 2006 01:08:16 +0100
+
+lsh-utils (2.0.1-6) unstable; urgency=low
+
+ To make the current maintenance situation easier, 'lshc' has been again
+ renamed to it's original name 'lsh'.
+
+ So please switch from now on to using 'lsh' instead of 'lshc'.
+
+ As for your convenience a small script named 'lshc', which simply notifies
+ you about the name change and afterwards executing 'lsh' is included.
+
+ -- Stefan Pfetzing <dreamind@dreamind.de> Tue, 15 Nov 2005 05:44:46 +0100
+
Index: 2.0.4-dfsg-8/debian/lsh-server.postrm
===================================================================
--- 2.0.4-dfsg-8/debian/lsh-server.postrm (nonexistent)
+++ 2.0.4-dfsg-8/debian/lsh-server.postrm (revision 89)
@@ -0,0 +1,76 @@
+#!/bin/sh
+# postrm script for lsh-server
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postrm> `remove'
+# * <postrm> `purge'
+# * <old-postrm> `upgrade' <new-version>
+# * <new-postrm> `failed-upgrade' <old-version>
+# * <new-postrm> `abort-install'
+# * <new-postrm> `abort-install' <old-version>
+# * <new-postrm> `abort-upgrade' <old-version>
+# * <disappearer's-postrm> `disappear' <r>overwrit>r> <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+if [ -f /usr/share/debconf/confmodule ] ; then
+ . /usr/share/debconf/confmodule
+
+ db_get "lsh-server/purge_hostkeys" || true
+
+ PURGE_HOSTKEYS="$RET"
+else
+ . /etc/default/lsh-server
+fi
+
+case "$1" in
+ purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+
+ for file in /etc/ssh/NOSERVER /etc/ssh/sshd_not_to_be_run ; do
+ if [ -e "$file" ] && \
+ grep -q '^LSH_SERVER_CONFIG_GENERATED$' "$file" ; then
+ rm -f "$file"
+ fi
+ done
+
+ # Try to remove ssh directory - if ssh is purged we should be
+ # able to do this ...
+ if [ -d "/etc/ssh" ] ; then
+ rmdir --ignore-fail-on-non-empty /etc/ssh
+ fi
+
+ # Try to remove the random seed file.
+ if [ "$1" = "purge" ] && [ -e "/var/spool/lsh/yarrow-seed-file" ] ; then
+ rm -f /var/spool/lsh/yarrow-seed-file
+ rmdir --ignore-fail-on-non-empty /var/spool/lsh
+ fi
+
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+if [ "$1" = "purge" ]; then
+ case "$PURGE_HOSTKEYS" in
+ true|TRUE|y*|Y*)
+ rm -f /etc/lsh_host_key /etc/lsh_host_key.pub
+ ;;
+ esac
+
+ # trash defaults file
+ rm -f /etc/default/lsh-server
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts
+
+#DEBHELPER#
+
+exit 0
Index: 2.0.4-dfsg-8/debian
===================================================================
--- 2.0.4-dfsg-8/debian (nonexistent)
+++ 2.0.4-dfsg-8/debian (revision 89)
/2.0.4-dfsg-8/debian
Property changes:
Added: mergeWithUpstream
## -0,0 +1 ##
+1
\ No newline at end of property