Call for testing: OpenSSH-5.6

Damien Miller djm at mindrot.org
Tue Aug 10 04:22:29 EST 2010


Hi,

OpenSSH 5.6 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a moderately large
release, with a number of new features and bug fixes.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via anonymous CVS using the
instructions at http://www.openssh.com/portable.html#cvs

Running the regression tests supplied with Portable OpenSSH does not
require installation and is simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also
appreciated. Please send reports of success or failure to
openssh-unix-dev at mindrot.org.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

-------------------------------

Features:

 * Added a ControlPersist option to ssh_config(5) that automatically
   starts a background ssh(1) multiplex master when connecting. This
   connection can stay alive indefinitely, or can be set to
   automatically close after a user-specified duration of inactivity.

 * Hostbased authentication may now use certificate host keys. CA keys
   must be specified in a known_hosts file using the @cert-authority
   marker.

 * ssh-keygen(1) now supports signing certificates using a CA key that
   has been stored in a PKCS#11 token.

 * ssh(1) will now log the hostname and address that we connected to at
   LogLevel=verbose after authentication is successful to mitigate
   "phishing" attacks by servers with trusted keys that accept
   authentication silently and automatically before presenting fake
   password/passphrase prompts.

   Note that, for such an attack to be successful, the user must have
   disabled StrictHostKeyChecking (enabled by default) or an attacker
   must have access to a trusted host key for the destination server.

 * Expand %h to the hostname in ssh_config Hostname options. While this
   sounds useless, it is actually handy for working with unqualified
   hostnames:

     Host *.*
        Hostname %h
     Host *
        Hostname %h.example.org

 * Allow ssh-keygen(1) to import (-i) and export (-e) of PEM and PKCS#8
   keys in addition to RFC4716 (SSH.COM) encodings via a new -m option
   (bz#1749)

 * sshd(8) will now queue debug messages for bad ownership or
   permissions on the user's keyfiles encountered during authentication.
   These messages will be sent after the user has successfully
   authenticated. These messages may be viewed in ssh(1) at
   LogLevel=debug or higher.

 * ssh(1) connection multiplexing now supports remote forwarding with
   dynamic port allocation and can report the allocated port back to
   the user:

     LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`

 * sshd(8) now supports indirection in matching of principal names
   listed in certificates. By default, if a certificate has an
   embedded principals list then the destination username must match
   one of the names in the list for it to be accepted for
   authentication.

   sshd(8) now supports an optional AuthorizedPrincipalsFile to specify
   a list of names that may be accepted in place of the username when
   authorizing a certificate trusted via the sshd_config(5)
   TrustedCAKeys option. Similarly, authentication using a CA trusted
   in ~/.ssh/authorized_keys now accepts a principals="name1[,name2,...]"
   to specify a list of permitted names.

   If either option is absent, the current behaviour of requiring the
   username to appear in principals continues to apply. These options
   are useful for role accounts, disjoint account namespaces and
   "user@realm"-style naming policies in certificates.

 * Expose some more sshd_config(5) options inside Match blocks:

     AuthorizedKeysFile
     AuthorizedPrincipalsFile
     HostbasedUsesNameFromPacketOnly
     PermitTunnel

 * Revised the format of certificate keys. The new format, identified as
   ssh-{dss,rsa}-cert-v01@openssh.com includes the following changes:

     - Addition of a serial number field. This may be specified by the CA
       at the time of certificate signing.

     - Moving the nonce field to the beginning of the certificate where
       it can better protect against chosen-prefix attacks on the
       signature hash (currently infeasible against the SHA1 hash used)

     - Renaming of the "constraints" field to "critical options"

     - Adding of a new non-critical "extensions" field. The "permit-*"
       options are now extensions, rather than critical options, to
       permit non-OpenSSH implementations of this key format to degrade
       gracefully when encountering keys with options they do not
       recognize.

   The older format is still supported for authentication and cert generation
   (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate).
   The older format, introduced in OpenSSH 5.4, will be supported for at
   least one year from this release, after which it will be deprecated and
   removed.

BugFixes:

 * The PKCS#11 code now retries a lookup for a private key if there's
   no matching key with CKA_SIGN attribute enabled; this fixes
   MuscleCard support (bz#1736)

 * Unbreak strdelim() skipping past quoted strings, e.g.

       AllowUsers "blah blah" blah

   was broken (bz#1757)

 * sftp(1): fix swapped args in upload_dir_internal(), breaking
   recursive upload depth checks and causing verbose printing of
   transfers to always be turned on (bz#1797)

 * Fix a longstanding problem where if you suspend scp(1) at the
   password/passphrase prompt the terminal mode is not restored.

 * Fix PKCS#11 crash on some smartcards by checking the length
   returned for C_GetAttributeValue for != 0 (bz#1773)

 * sftp(1): unbreak ls in working directories that contain globbing
   characters in their pathnames (bz#1655)

 * Print warning for missing home directory when ChrootDirectory=none
   (bz#1564)

 * sftp(1): fix memory leak in do_realpath() error path (bz#1771)

 * ssh-keygen(1): Standardise error messages when attempting to open
   private key files to include "progname: filename: error reason"
   (bz#1783)

 * Replace verbose and overflow-prone Linebuf code with
   read_keyfile_line() (bz#1565)

 * Include the user name on "subsystem request for ..." log messages

 * ssh(1) and sshd(8): remove hardcoded limit of 100 permitopen clauses
   and port forwards per direction (bz#1327)

 * sshd(8): ignore stderr output from subsystems to avoid hangs if a
   subsystem or shell initialisation writes to stderr (bz#1750)

 * Skip the initial check for access with an empty password when
   PermitEmptyPasswords=no (bz#1638)

 * sshd(8): fix logspam when key options (from="..." especially) deny
   non-matching keys (bz#1765)

 * ssh-keygen(1): display a more helpful error message when $HOME is
   inaccessible while trying to create .ssh directory (bz#1740)

 * ssh(1): fix hang when terminating a mux slave using ~. (bz#1758)

 * ssh-keygen(1): refuse to generate keys longer than
   OPENSSL_[RD]SA_MAX_MODULUS_BITS, since we would refuse to use
   them anyway (bz#1516)

 * Suppress spurious tty warning when using -O and stdin is not a tty
   (bz#1746)

 * Kill channel when pty allocation requests fail. Fixed stuck client
   if the server refuses pty allocation (bz#1698)

Portable OpenSSH Bugfixes:

 * sshd(8): increase the maximum username length for login recording
   to 512 characters (bz#1579)

 * Initialize the values to be returned from PAM to sane values in case
   the PAM method doesn't write to them. (bz#1795)

 * Let configure find OpenSSL libraries in a lib64 subdirectory. (bz#1756)

Checksums:
==========

 - SHA1 (openssh-5.5.tar.gz) = XXX
 - SHA1 (openssh-5.5p1.tar.gz) = XXX

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh at openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.
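The two certificate items above (the principal indirection via AuthorizedPrincipalsFile / principals="...", and the revised ssh-rsa-cert-v01@openssh.com layout with its serial number, leading nonce, critical options and non-critical extensions) are easier to see in code than in prose. The following is an added example written for this page; it is not OpenSSH's code and does not come from the announcement. It encodes a certificate blob from constructed sample values (dummy RSA parameters, a placeholder signature that is never verified), parses it back in the v01 field order, and then applies the acceptance rule the announcement describes: the login name must be a listed principal unless an accepted-names list stands in for it. The KNOWN_CRITICAL / KNOWN_EXTENSIONS sets, the treatment of a certificate with an empty principal list, and the helper names are this example's own assumptions.

```python
"""Added example (not OpenSSH's code): encode, parse and authorise an
ssh-rsa-cert-v01@openssh.com blob. Sample values are constructed in-line;
the signature is a placeholder and is never checked here."""
import struct

CERT_TYPE_USER, CERT_TYPE_HOST = 1, 2
CERT_V01_RSA = b"ssh-rsa-cert-v01@openssh.com"
FOREVER = 0xFFFFFFFFFFFFFFFF            # valid_before value for "never expires"
# Assumed vocabulary of a 5.6-era sshd; anything critical outside this set is fatal.
KNOWN_CRITICAL = {"force-command", "source-address"}
KNOWN_EXTENSIONS = {"permit-X11-forwarding", "permit-agent-forwarding",
                    "permit-port-forwarding", "permit-pty", "permit-user-rc"}

# ---- RFC 4251 wire primitives -------------------------------------------
def _string(b): return struct.pack(">I", len(b)) + b
def _u32(n): return struct.pack(">I", n)
def _u64(n): return struct.pack(">Q", n)
def _mpint(n):
    if n == 0: return _string(b"")
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return _string(b"\x00" + b if b[0] & 0x80 else b)   # keep mpint positive

class Reader:
    def __init__(self, data): self.data, self.pos = data, 0
    def _take(self, n):
        if self.pos + n > len(self.data): raise ValueError("truncated certificate")
        chunk = self.data[self.pos:self.pos + n]; self.pos += n; return chunk
    def u32(self): return struct.unpack(">I", self._take(4))[0]
    def u64(self): return struct.unpack(">Q", self._take(8))[0]
    def string(self): return self._take(self.u32())
    def mpint(self): return int.from_bytes(self.string(), "big")
    def at_end(self): return self.pos == len(self.data)

# ---- critical options / extensions: sequence of (string name, string data) ----
def encode_options(opts):
    # Names go in lexical order; data is a string-wrapped value (force-command,
    # source-address) or empty for flag-style entries such as permit-pty.
    out = b""
    for name in sorted(opts):
        val = opts[name]
        out += _string(name.encode()) + _string(b"" if val is None else _string(val.encode()))
    return out

def parse_options(blob):
    r, opts, prev = Reader(blob), {}, None
    while not r.at_end():
        name = r.string().decode()
        if prev is not None and name <= prev:        # out of order or duplicated
            raise ValueError("options not in lexical order: %r" % name)
        data = r.string()
        if data == b"":
            opts[name] = None
        else:
            inner = Reader(data); val = inner.string()
            if not inner.at_end(): raise ValueError("malformed data for %r" % name)
            opts[name] = val.decode()
        prev = name
    return opts

def encode_cert_v01(nonce, e, n, serial, cert_type, key_id, principals, valid_after,
                    valid_before, critical, extensions, signature_key, signature):
    # v01 order: nonce directly after the type string, serial before the type field.
    return (_string(CERT_V01_RSA) + _string(nonce) + _mpint(e) + _mpint(n)
            + _u64(serial) + _u32(cert_type) + _string(key_id.encode())
            + _string(b"".join(_string(p.encode()) for p in principals))
            + _u64(valid_after) + _u64(valid_before)
            + _string(encode_options(critical)) + _string(encode_options(extensions))
            + _string(b"") + _string(signature_key) + _string(signature))   # reserved, sigkey, sig

def parse_cert_v01(blob):
    r = Reader(blob)
    if r.string() != CERT_V01_RSA:
        raise ValueError("not an ssh-rsa-cert-v01@openssh.com certificate")
    cert = {"nonce": r.string(), "e": r.mpint(), "n": r.mpint(),
            "serial": r.u64(), "type": r.u32(), "key_id": r.string().decode()}
    pr, cert["principals"] = Reader(r.string()), []
    while not pr.at_end(): cert["principals"].append(pr.string().decode())
    cert["valid_after"], cert["valid_before"] = r.u64(), r.u64()
    cert["critical_options"] = parse_options(r.string())
    cert["extensions"] = parse_options(r.string())
    cert["reserved"], cert["signature_key"], cert["signature"] = r.string(), r.string(), r.string()
    if not r.at_end(): raise ValueError("trailing data after certificate")
    return cert

def cert_authorizes_login(cert, username, accepted_principals=None, now=0):
    """Principal check for an already-signature-verified user certificate.
    accepted_principals stands in for AuthorizedPrincipalsFile or principals="...":
    when given, any listed cert principal suffices and the username need not appear."""
    if cert["type"] != CERT_TYPE_USER: return False, "not a user certificate"
    if not (cert["valid_after"] <= now < cert["valid_before"]): return False, "not valid now"
    unknown = set(cert["critical_options"]) - KNOWN_CRITICAL
    if unknown:   # critical options must be understood; unknown extensions are ignored
        return False, "unsupported critical option(s): " + ",".join(sorted(unknown))
    if not cert["principals"]:   # this example's conservative choice; check your sshd
        return False, "certificate lists no principals"
    if accepted_principals is None:
        if username not in cert["principals"]: return False, "%r is not a listed principal" % username
    elif not set(cert["principals"]) & set(accepted_principals):
        return False, "no certificate principal is in the accepted list"
    return True, "ok"

def sample_cert():   # constructed sample: toy RSA numbers, placeholder signature
    return encode_cert_v01(b"\x01" * 32, 65537, 0xC0FFEE, 1234, CERT_TYPE_USER, "deploy-key-2010",
                           ["deploy", "ops"], 0, FOREVER, {"source-address": "10.0.0.0/8"},
                           {"permit-port-forwarding": None, "permit-pty": None},
                           b"<ca public key blob>", b"<signature blob>")

if __name__ == "__main__":
    cert = parse_cert_v01(sample_cert())
    print("serial", cert["serial"], "principals", cert["principals"])
    for user, accepted in (("deploy", None), ("www", None), ("www", {"ops"})):
        print(user, accepted, cert_authorizes_login(cert, user, accepted))
```

Running it shows "deploy" accepted outright, "www" refused because it is not a listed principal, and "www" accepted once an accepted-names list containing "ops" is supplied, which is the role-account case the announcement mentions. A certificate carrying a critical option outside KNOWN_CRITICAL is refused, while an unknown extension is simply ignored; that asymmetry is the reason the permit-* flags moved out of the critical set.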
