Call for testing: OpenSSH 7.5p1
Jakub Jelen
jjelen at redhat.com
Tue Mar 14 22:45:55 AEDT 2017
On 03/14/2017 11:40 AM, Damien Miller wrote:
> Hi,
>
> OpenSSH 7.5p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> [...]
>
> This release includes a number of changes that may affect existing
> configurations:
>
> * This release deprecates the sshd_config UsePrivilegeSeparation
> option, thereby making privilege separation mandatory. Privilege
> separation has been on by default for almost 15 years.
Hello,
I don't see this option deprecated in current portable master. Still in
place. How are we going to be able to switch between Sandbox and just
privilege separation?
As far as I remember, various people still use this use case to test
other SSH implementation (privsep requires running a root, isn't it?).
> * Fix various fallout and sharp edges caused by removing SSH protocol
> 1 support from the server, including the server banner string being
> incorrectly terminated with only \n (instead of \r\n), and
> confusing error messages from ssh-keyscan bz#2583.
I would vouch for this bug get fixed too in the relation to the SSH1
removal:
https://bugzilla.mindrot.org/show_bug.cgi?id=2686
Also this one is a bit confusing:
https://bugzilla.mindrot.org/show_bug.cgi?id=2682
I took the package through the basic sanity testing and so far all tests
passed.
Thanks,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: typo.patch
Type: text/x-patch
Size: 663 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20170314/af21333b/attachment.bin>
More information about the openssh-unix-dev
mailing list