Call for testing: OpenSSH-5.9

Frederico Costa (Ports) fredports at mufley.com
Mon Aug 15 22:25:29 EST 2011 

 Hi there...

 Just downloaded openssh-SNAP-20110815.tar.gz

 and run the usual $ ./configure && make tests

 And i get the usual "all tests passed", no errors reported.

 I have runned this on a FreeBSD 8.2 Release #0 amd64.

 Regards

 Fred

 ---
 Frederico Costa
 fredports at mufley.com

 On Sun, 14 Aug 2011 10:30:10 +1000 (EST), Damien Miller wrote:
> Hi,
>
> OpenSSH 5.9 is almost ready for release, so we would appreciate 
> testing
> on as many platforms and systems as possible. This release contains a
> couple of new features and changes and bug fixes. Testing of the new
> sandboxed privilege separation mode (see below) would be particularly
> appreciated.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via anonymous CVS using the
> instructions at http://www.openssh.com/portable.html#cvs or
> via Mercurial at http://hg.mindrot.org/openssh
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also
> appreciated. Please send reports of success or failure to
> openssh-unix-dev at mindrot.org.
>
> Below is a summary of changes. More detail may be found in the 
> ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> -------------------------------
>
> Features:
>
>  * Introduce sandboxing of the pre-auth privsep child using a new
>    sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
>    mandatory restrictions on the syscalls the privsep child can 
> perform.
>    This intention is to prevent a compromised privsep child from 
> being
>    used to attack other hosts (by opening sockets and proxying) or 
> probing
>    local kernel attack surface.
>
>    Three concrete sandbox implementation are provided (selected at
>    configure time): systrace, seatbelt and rlimit.
>
>    The systrace sandbox uses systrace(4) in unsupervised "fast-path"
>    mode, where a list of permitted syscalls is supplied. Any syscall 
> not
>    on the list results in SIGKILL being sent to the privsep child. 
> Note
>    that this requires a kernel with the new SYSTR_POLICY_KILL option
>    (only OpenBSD has this mode at present).
>
>    The seatbelt sandbox uses OS X/Darwin sandbox(7) facilities with a
>    strict (kSBXProfilePureComputation) policy that disables access to
>    filesystem and network resources.
>
>    The rlimit sandbox is a fallback choice for platforms that don't
>    support a better one; it uses setrlimit() to reset the hard-limit
>    of file descriptors and processes to zero, which should prevent
>    the privsep child from forking or opening new network connections.
>
>    Sandboxing of the privilege separated child process will become 
> the
>    default in a future release. We'd also like to include native
>    sandboxes for other platforms.
>
>  * Add new SHA256-based HMAC transport integrity modes from
>    http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
>    These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512,
>    and hmac-sha2-512-96, and are available by default in ssh(1) and
>    sshd(8)
>
>  * The pre-authentication sshd(8) privilege separation slave process
>    now logs via a socket shared with the master process, avoiding the
>    need to maintain /dev/log inside the chroot.
>
>  * ssh(1) now warns when a server refuses X11 forwarding
>
>  * sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
>    separated by space. The undocumented AuthorizedKeysFile2 option is
>    deprecated (though the default for AuthorizedKeysFile includes
>    .ssh/authorized_keys2)
>
>  * sshd_config(5): similarly deprecate UserKnownHostsFile2 and
>    GlobalKnownHostsFile2 by making UserKnownHostsFile and
>    GlobalKnownHostsFile accept multiple options and default to 
> include
>    known_hosts2
>
>  * retain key comments when loading v.2 keys. These will be visible 
> in
>    "ssh-add -l" and other places. bz#439
>
>  * ssh(1) and sshd(8): set IPv6 traffic class from IPQoS (as well as
>    IPv4 ToS/DSCP). bz#1855
>
>  * ssh_config(5)'s ControlPath option now expands %L to the host
>    portion of the destination host name.
>
>  * ssh_config(5) "Host" options now support negated Host matching, 
> e.g.
>
>      Host *.example.org !c.example.org
>         User mekmitasdigoat
>
>    Will match "a.example.org", "b.example.org", but not 
> "c.example.org"
>
>  * ssh_config(5): a new RequestTTY option provides control over when 
> a
>    TTY is requested for a connection, similar to the existing 
> -t/-tt/-T
>    ssh(1) commandline options.
>
>  * sshd(8): allow GSSAPI authentication to detect when a server-side
>    failure causes authentication failure and don't count such 
> failures
>    against MaxAuthTries; bz#1244
>
>  * ssh-keygen(1): Add -A option. For each of the key types (rsa1, 
> rsa,
>    dsa and ecdsa) for which host keys do not exist, generate the host
>    keys with the default key file path, an empty passphrase, default
>    bits for the key type, and default comment. This is useful for
>    system initialisation scripts.
>
>  * ssh(1): Allow graceful shutdown of multiplexing: request that a 
> mux
>    server removes its listener socket and refuse future multiplexing
>    requests but don't kill existing connections. This may be 
> requested
>    using "ssh -O stop ..."
>
>  * ssh-add(1) now accepts keys piped from standard input. E.g.
>    "ssh-add - < /path/to/key"
>
>  * ssh-keysign(8) now signs hostbased authentication
>    challenges correctly using ECDSA keys; bz#1858
>
> Portable OpenSSH Bugfixes:
>
>  * Fix a compilation error in the SELinux support code. bz#1851
>
>  * This release removes support for ssh-rand-helper. OpenSSH now
>    obtains its random numbers directly from OpenSSL or from
>    a PRNGd/EGD instance specified at configure time.
>
>  * sshd(8) now resets the SELinux process execution context before
>    executing passwd for password changes; bz#1891
>
>  * Since gcc >= 4.x ignores all -Wno-options options, test only the
>    corresponding -W-option when trying to determine whether it is
>    accepted.  bz#1900, bz#1901
>    selinux code.  Patch from Leonardo Chiquitto
>
>  * Add ECDSA key generation to the Cygwin ssh-{host,user}-config
>    scripts.
>
> Reporting Bugs:
> ===============
>
> - Please read http://www.openssh.com/report.html
>   Security bugs should be reported directly to openssh at openssh.com
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de 
> Raadt,
> Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice 
> and
> Ben Lindstrom.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

More information about the openssh-unix-dev mailing list