From eebc569a2b303691e1d52f2672896a0d4015972b Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Fri, 12 Apr 2019 18:38:14 +0000
Subject: system/openssh: add agent-forwarding to list of insecure defaults to
 change

---
 system/openssh/disable-forwarding-by-default.patch | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'system/openssh/disable-forwarding-by-default.patch')

diff --git a/system/openssh/disable-forwarding-by-default.patch b/system/openssh/disable-forwarding-by-default.patch
index 9d27926d9..dbd9205ea 100644
--- a/system/openssh/disable-forwarding-by-default.patch
+++ b/system/openssh/disable-forwarding-by-default.patch
@@ -3,11 +3,12 @@
 @@ -82,9 +82,10 @@
  #UsePAM no
  
- #AllowAgentForwarding yes
+-#AllowAgentForwarding yes
 -#AllowTcpForwarding yes
 -#GatewayPorts no
 -#X11Forwarding no
 +# Feel free to re-enable these if your use case requires them.
++AllowAgentForwarding no
 +AllowTcpForwarding no
 +GatewayPorts no
 +X11Forwarding no
-- 
cgit v1.2.3-60-g2f50