Call for testing: OpenSSH 8.0
The Doctor
doctor at doctor.nl2k.ab.ca
Thu Mar 28 00:50:25 AEDT 2019
On Wed, Mar 27, 2019 at 10:00:13PM +1100, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.0p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
Working on FreeBSD 11.2 compiled with clang 8.
These boxes will be converted to FreeBSD 12 this Friday.
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> Security
> ========
>
> This release contains mitigation for a weakness in the scp(1) tool
> and protocol (CVE-2019-6111): when copying files from a remote system
> to a local directory, scp(1) did not verify that the filenames that
> the server sent matched those requested by the client. This could
> allow a hostile server to create or clobber unexpected local files
> with attacker-controlled content.
>
> This release adds client-side checking that the filenames sent from
> the server match the command-line request,
>
> The scp protocol is outdated, inflexible and not readily fixed. We
> recommend the use of more modern protocols like sftp and rsync for
> file transfer instead.
>
> Potentially-incompatible changes
> ================================
>
> This release includes a number of changes that may affect existing
> configurations:
>
> * scp(1): Relating to the above changes to scp(1); the scp protocol
> relies on the remote shell for wildcard expansion, so there is no
> infallible way for the client's wildcard matching to perfectly
> reflect the server's. If there is a difference between client and
> server wildcard expansion, the client may refuse files from the
> server. For this reason, we have provided a new "-T" flag to scp
> that disables these client-side checks at the risk of
> reintroducing the attack described above.
>
> * sshd(8): Remove support for obsolete "host/port" syntax. Slash-
> separated host/port was added in 2001 as an alternative to
> host:port syntax for the benefit of IPv6 users. These days there
> are establised standards for this like [::1]:22 and the slash
> syntax is easily mistaken for CIDR notation, which OpenSSH
> supports for some things. Remove the slash notation from
> ListenAddress and PermitOpen; bz#2335
>
> Changes since OpenSSH 7.9
> =========================
>
> This release is focused on new features and internal refactoring.
>
> New Features
> ------------
>
> * ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in
> PKCS#11 tokens.
>
> * ssh(1), sshd(8): Add experimental quantum-computing resistant
> key exchange method, based on a combination of Streamlined NTRU
> Prime 4591^761 and X25519.
>
> * ssh-keygen(1): Increase the default RSA key size to 3072 bits,
> following NIST Special Publication 800-57's guidance for a
> 128-bit equivalent symmetric security level.
>
> * ssh(1): Allow "PKCS11Provide=none" to override later instances of
> the PKCS11Provide directive in ssh_config; bz#2974
>
> * sshd(8): Add a log message for situations where a connection is
> dropped for attempting to run a command but a sshd_config
> ForceCommand=internal-sftp restriction is in effect; bz#2960
>
> * ssh(1): When prompting whether to record a new host key, accept
> the key fingerprint as a synonym for "yes". This allows the user
> to paste a fingerprint obtained out of band at the prompt and
> have the client do the comparison for you.
>
> * ssh-keygen(1): When signing multiple certificates on a single
> command-line invocation, allow automatically incrementing the
> certificate serial number.
>
> * scp(1), sftp(1): Accept -J option as an alias to ProxyJump on
> the scp and sftp command-lines.
>
> * ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v"
> command-line flags to increase the verbosity of output; pass
> verbose flags though to subprocesses, such as ssh-pkcs11-helper
> started from ssh-agent.
>
> * ssh-add(1): Add a "-T" option to allowing testing whether keys in
> an agent are usable by performing a signature and a verification.
>
> * sftp-server(8): Add a "lsetstat at openssh.com" protocol extension
> that replicates the functionality of the existing SSH2_FXP_SETSTAT
> operation but does not follow symlinks. bz#2067
>
> * sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request
> they do not follow symlinks.
>
> * sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes
> the connection 4-tuple available to PAM modules that wish to use
> it in decision-making. bz#2741
>
> * sshd(8): Add a ssh_config "Match final" predicate Matches in same
> pass as "Match canonical" but doesn't require hostname
> canonicalisation be enabled. bz#2906
>
> * sftp(1): Support a prefix of '@' to suppress echo of sftp batch
> commands; bz#2926
>
> * ssh-keygen(1): When printing certificate contents using
> "ssh-keygen -Lf /path/certificate", include the algorithm that
> the CA used to sign the cert.
>
> Bugfixes
> --------
>
> * sshd(8): Fix authentication failures when sshd_config contains
> "AuthenticationMethods any" inside a Match block that overrides
> a more restrictive default.
>
> * sshd(8): Avoid sending duplicate keepalives when ClientAliveCount
> is enabled.
>
> * sshd(8): Fix two race conditions related to SIGHUP daemon restart.
> Remnant file descriptors in recently-forked child processes could
> block the parent sshd's attempt to listen(2) to the configured
> addresses. Also, the restarting parent sshd could exit before any
> child processes that were awaiting their re-execution state had
> completed reading it, leaving them in a fallback path.
>
> * ssh(1): Fix stdout potentially being redirected to /dev/null when
> ProxyCommand=- was in use.
>
> * sshd(8): Avoid sending SIGPIPE to child processes if they attempt
> to write to stderr after their parent processes have exited;
> bz#2071
>
> * ssh(1): Fix bad interaction between the ssh_config ConnectTimeout
> and ConnectionAttempts directives - connection attempts after the
> first were ignoring the requested timeout; bz#2918
>
> * ssh-keyscan(1): Return a non-zero exit status if no keys were
> found; bz#2903
>
> * scp(1): Sanitize scp filenames to allow UTF-8 characters without
> terminal control sequences; bz#2434
>
> * sshd(8): Fix confusion between ClientAliveInterval and time-based
> RekeyLimit that could cause connections to be incorrectly closed.
> bz#2757
>
> * ssh(1), ssh-add(1): Correct some bugs in PKCS#11 token PIN
> handling at initial token login. The attempt to read the PIN
> could be skipped in some cases, particularly on devices with
> integrated PIN readers. This would lead to an inability to
> retrieve keys from these tokens. bz#2652
>
> * ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
> CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
> C_SignInit operation. bz#2638
>
> * ssh(1): Improve documentation for ProxyJump/-J, clarifying that
> local configuration does not apply to jump hosts.
>
> * ssh-keygen(1): Clarify manual - ssh-keygen -e only writes
> public keys, not private.
>
> * ssh(1), sshd(8): be more strict in processing protocol banners,
> allowing \r characters only immediately before \n.
>
> * Various: fix a number of memory leaks, including bz#2942 and
> bz#2938
>
> * scp(1), sftp(1): fix calculation of initial bandwidth limits.
> Account for bytes written before the timer starts and adjust the
> schedule on which recalculations are performed. Avoids an initial
> burst of traffic and yields more accurate bandwidth limits;
> bz#2927
>
> * sshd(8): Only consider the ext-info-c extension during the initial
> key eschange. It shouldn't be sent in subsequent ones, but if it
> is present we should ignore it. This prevents sshd from sending a
> SSH_MSG_EXT_INFO for REKEX for buggy these clients. bz#2929
>
> * ssh-keygen(1): Clarify manual that ssh-keygen -F (find host in
> authorized_keys) and -R (remove host from authorized_keys) options
> may accept either a bare hostname or a [hostname]:port combo.
> bz#2935
>
> * ssh(1): Don't attempt to connect to empty SSH_AUTH_SOCK; bz#2936
>
> * sshd(8): Silence error messages when sshd fails to load some of
> the default host keys. Failure to load an explicitly-configured
> hostkey is still an error, and failure to load any host key is
> still fatal. pr/103
>
> * ssh(1): Redirect stderr of ProxyCommands to /dev/null when ssh is
> started with ControlPersist; prevents random ProxyCommand output
> from interfering with session output.
>
> * ssh(1): The ssh client was keeping a redundant ssh-agent socket
> (leftover from authentication) around for the life of the
> connection; bz#2912
>
> * sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
> PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types
> were specified, then authentication would always fail for RSA keys
> as the monitor checks only the base key (not the signature
> algorithm) type against *AcceptedKeyTypes. bz#2746
>
> * ssh(1): Request correct signature types from ssh-agent when
> certificate keys and RSA-SHA2 signatures are in use.
>
> Portability
> -----------
>
> * sshd(8): On Cygwin, run as SYSTEM where possible, using S4U for
> token creation if it supports MsV1_0 S4U Logon.
>
> * sshd(8): On Cygwin, use custom user/group matching code that
> respects the OS' behaviour of case-insensitive matching.
>
> * sshd(8): Don't set $MAIL if UsePAM=yes as PAM typically specifies
> the user environment if it's enabled; bz#2937
>
> * sshd(8) Cygwin: Change service name to cygsshd to avoid collision
> with Microsoft's OpenSSH port.
>
> * Allow building against OpenSSL -dev (3.x)
>
> * Fix a number of build problems against version configurations and
> versions of OpenSSL. Including bz#2931 and bz#2921
>
> * Improve warnings in cygwin service setup. bz#2922
>
> * Remove hardcoded service name in cygwin setup. bz#2922
>
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
Alberta on 16 April 2019, do not vote UCP, FCP nor NDP!
More information about the openssh-unix-dev
mailing list