Call for testing: OpenSSH 8.1

Predrag Zecevic predrag.zecevic at
Thu Oct 3 20:01:36 AEST 2019

Hi all,

thanks for heads up, compiles fine on Illumos based OpenIndiana /hipster 

:; ssh -V
OpenSSH_8.0p1-snap20191002, OpenSSL 1.1.1d  10 Sep 2019


On 01.10.2019 13:33, Damien Miller wrote:
> Hi,
> OpenSSH 8.1p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
> Snapshot releases for portable OpenSSH are available from
> The OpenBSD version is available in CVS HEAD:
> Portable OpenSSH is also available via git using the
> instructions at
> At or via a mirror at Github:
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> $ ./configure && make tests
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at Security bugs should be reported
> directly to openssh at
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
> Thanks to the many people who contributed to this release.
> Security
> ========
>   * ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
>     rest in RAM against speculation and memory sidechannel attacks like
>     Spectre, Meltdown and Rambleed. This release encrypts private keys
>     when they are not in use with a symmetic key that is derived from a
>     relatively large "prekey" consisting of random data (currently 16KB).
>     Attackers must recover the entire prekey before they are able to
>     decrypt the protected private keys, but the current generation of
>     attacks have bit error rates that render this unlikely to be
>     practical.
> Potentially-incompatible changes
> ================================
> This release includes one change that may affect existing
> configurations:
>   * ssh-keygen(1): when acting as a CA and signing certificates with
>     an RSA key, default to using the rsa-sha2-512 signature algorithm.
>     Certificates signed by RSA keys will therefore be incompatible
>     with OpenSSH versions prior to 7.2 unless the default is
>     overridden (using "ssh-keygen -t ssh-rsa -s ...").
> Changes since OpenSSH 8.0
> =========================
> This release is focused on bugfixing.
> New Features
> ------------
>   * ssh(1): Allow %n to be expanded in ProxyCommand strings
>   * ssh(1), sshd(8): Allow prepending a list of algorithms to the
>     default set by starting the list with the '^' character, E.g.
>     "HostKeyAlgorithms ^ssh-ed25519"
>   * ssh-keygen(1): add an experimental lightweight signature and
>     verification ability. Signatures may be made using regular ssh keys
>     held on disk or stored in a ssh-agent and verified against an
>     authorized_keys-like list of allowed keys. Signatures embed a
>     namespace that prevents confusion and attacks between different
>     usage domains (e.g. files vs email).
>   * ssh-keygen(1): print key comment when extracting publc key from a
>     private key.  bz#3052
>   * ssh-keygen(1): accept the verbose flag when searching for host keys
>     in known hosts (i.e. "ssh-keygen -vF host") to print the matching
>     host's random-art signature too. bz#3003
>   * All: support PKCS8 as an optional format for storage of private
>     keys to disk.  The OpenSSH native key format remains the default,
>     but PKCS8 is a superior format to PEM if interoperability with
>     non-OpenSSH software is required, as it may use a less insecure
>     key derivation function than PEM's.
> Bugfixes
> --------
>   * ssh(1): if a PKCS#11 token returns no keys then try to login and
>     refetch them. Based on patch from Jakub Jelen; bz#2430
>   * ssh(1): produce a useful error message if the user's shell is set
>     incorrectly during "match exec" processing. bz#2791
>   * sftp(1): allow the maximimum uint32 value for the argument passed
>     to -b which allows better error messages from later validation.
>     bz#3050
>   * ssh(1): avoid pledge sandbox violations in some combinations of
>     remote forwarding, connection multiplexing and ControlMaster.
>   * ssh-keyscan(1): include SHA2-variant RSA key algorithms in KEX
>     proposal; allows ssh-keyscan to harvest keys from servers that
>     disable olde SHA1 ssh-rsa. bz#3029
>   * sftp(1): print explicit "not modified" message if a file was
>     requested for resumed download but was considered already complete.
>     bz#2978
>   * sftp(1): fix a typo and make <esc><right> move right to the
>     closest end of a word just like <esc><left> moves left to the
>     closest beginning of a word.
>   * sshd(8): cap the number of permiopen/permitlisten directives
>     allowed to appear on a single authorized_keys line.
>   * All: fix a number of memory leaks (one-off or on exit paths).
>   * Regression tests: a number of fixes and improvments, including
>     fixes to the interop tests, adding the ability to run most tests
>     on builds that disable OpenSSL support, better support for running
>     tests under Valgrind and a number of bugfixes.
>   * ssh(1), sshd(8): check for convtime() refusing to accept times that
>     resolve to LONG_MAX Reported by Kirk Wolf bz2977
>   * ssh(1): slightly more instructive error message when the user
>     specifies multiple -J options on the commandline. bz3015
>   * ssh-agent(1): process agent requests for RSA certificate private
>     keys using correct signature algorithm when requested. bz3016
>   * sftp(1): check for user at host when parsing sftp target. This
>     allows user@[] to work without a path.  bz#2999
>   * sshd(8): enlarge format buffer size for certificate serial
>     number so the log message can record any 64-bit integer without
>     truncation. bz#3012
>   * sshd(8): for PermitOpen violations add the remote host and port to
>     be able to more easily ascertain the source of the request. Add the
>     same logging for PermitListen violations which where not previously
>     logged at all.
>   * scp(1), sftp(1): use the correct POSIX format style for left
>     justification for the transfer progress meter. bz#3002
>   * sshd(8) when examining a configureation using sshd -T, assume any
>     attibute not provided by -C does not match, which allows it to work
>     when sshd_config contains a Match directive with or without -C.
>     bz#2858
>   * ssh(1), ssh-keygen(1): downgrade PKCS#11 "provider returned no
>     slots" warning from log level error to debug. This is common when
>     attempting to enumerate keys on smartcard readers with no cards
>     plugged in. bz#3058
>   * ssh(1), ssh-keygen(1): do not unconditionally log in to PKCS#11
>     tokens. Avoids spurious PIN prompts for keys not selected for
>     authentication in ssh(1) and when listing public keys available in
>     a token using ssh-keygen(1). bz#3006
> Portability
> -----------
>   * ssh(1): fix SIGWINCH delivery of Solaris for multiplexed sessions
>     bz#3030
>   * ssh(1), sshd(8): fix typo that prevented detection of Linux VRF
>   * sshd(8): add no-op implementation of pam_putenv to avoid build
>     breakage on platforms where the PAM implementation lacks this
>     function (e.g. HP-UX). bz#3008
>   * sftp-server(8): fix Solaris privilege sandbox from preventing
>     the legacy sftp rename operation from working (was refusing to
>     allow hard links to files owned by other users). bz#3036
>   * All: add a proc_pidinfo()-based closefrom() for OS X to avoid
>     the need to brute-force close all high-numbered file descriptors.
>     bz#3049
>   * sshd(8): in the Linux seccomp-bpf sandbox, allow mprotect(2) with
>     PROT_(READ|WRITE|NONE) only. This syscall is used by some hardened
>     heap allocators. Github PR#142
>   * sshd(8): in the Linux seccomp-bpf sandbox, allow the s390-specific
>     ioctl for ecc hardware support.
>   * All: use "doc" man page format if the mandoc(1) tool is present on
>     the system. Previously configure would not select the "doc" man
>     page format if mandoc was present but nroff was not.
>   * sshd(8): don't install duplicate STREAMS modules on Solaris; check
>     if STREAMS modules are already installed on a pty before installing
>     since when compiling with XPG>=4 they will likely be installed
>     already. Prevents hangs and duplicate lines on the terminal.
>     bz#2945 and bz#2998,
> Reporting Bugs:
> ===============
> - Please read
>    Security bugs should be reported directly to openssh at
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at

More information about the openssh-unix-dev mailing list