Call for testing: openssh-10.3

Damien Miller djm at mindrot.org
Sun Mar 29 16:47:46 AEDT 2026


Hi,

OpenSSH 10.3 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable

Running the regression tests supplied with Portable OpenSSH does not
require installation and is simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev at mindrot.org. Security bugs should be reported
directly to openssh at openssh.com.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

Potentially-incompatible changes
--------------------------------

 * ssh(1), sshd(8): remove bug compatibility for implementations
   that don't support rekeying. If such an implementation tries to
   interoperate with OpenSSH, it will now eventually fail when the
   transport needs rekeying.

 * ssh(1), sshd(8): no longer treat an empty certificate principals
   section as wildcard. This behaviour was inconsistently supported
   (e.g. it wasn't supported via TrustedUserCAKeys) and dangerous in
   that it could cause a mistake by the CA as creating very powerful
   certificates.

   This release also fixes interpretation of wildcard characters in
   certificate principals. Now they are consistently implemented for
   host certificates and not supported for user certificates.
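
As an added illustration (not part of this announcement or of OpenSSH itself), the script below walks the certificate wire format (PROTOCOL.certkeys in the OpenSSH source) far enough to read a certificate's type and principals, then flags the two cases this change affects: an empty principals list, and wildcard characters in a user certificate. The make_test_cert helper builds a constructed, unsigned certificate purely as sample input; in practice the lines would come from your CA's issued-certificate files.

```python
import base64, struct
# Key-material strings after the nonce (PROTOCOL.certkeys): ed25519 pk; ecdsa curve+point; rsa e+n
KEY_FIELDS = {"ssh-ed25519-cert-v01@openssh.com": 1,
              "ecdsa-sha2-nistp256-cert-v01@openssh.com": 2,
              "ssh-rsa-cert-v01@openssh.com": 2}
USER_CERT, HOST_CERT = 1, 2

def _string(b: bytes) -> bytes:           # SSH wire 'string': uint32 length prefix
    return struct.pack(">I", len(b)) + b

def _read_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def parse_cert(line: str) -> dict:
    """Parse type and principals from a one-line OpenSSH certificate."""
    keytype, b64 = line.split()[:2]
    blob = base64.b64decode(b64)
    _, off = _read_string(blob, 0)                    # type string, repeated in blob
    _, off = _read_string(blob, off)                  # nonce
    for _ in range(KEY_FIELDS[keytype]):              # key material (KeyError if unknown type)
        _, off = _read_string(blob, off)
    _, ctype = struct.unpack_from(">QI", blob, off)   # serial, type
    _, off = _read_string(blob, off + 12)             # key id
    princ_blob, off = _read_string(blob, off)
    principals, p = [], 0
    while p < len(princ_blob):                        # nested list of strings
        name, p = _read_string(princ_blob, p)
        principals.append(name.decode())
    return {"type": ctype, "principals": principals}

def audit_cert(line: str) -> list:
    """Findings for certs whose principals 10.3 interprets differently."""
    c = parse_cert(line)
    findings = []
    if not c["principals"]:
        findings.append("empty principals: no longer treated as a wildcard in 10.3")
    if c["type"] == USER_CERT:
        findings += [f"user cert principal {p!r}: wildcards not supported in 10.3"
                     for p in c["principals"] if "*" in p or "?" in p]
    return findings

def make_test_cert(ctype: int, principals: list) -> str:
    """Constructed ed25519 cert line (dummy key, empty CA key and signature)."""
    t = b"ssh-ed25519-cert-v01@openssh.com"
    body = _string(t) + _string(b"\x00" * 32) + _string(b"\x01" * 32)   # type, nonce, pk
    body += struct.pack(">QI", 1, ctype) + _string(b"test-id")          # serial, type, key id
    body += _string(b"".join(_string(p.encode()) for p in principals))
    body += struct.pack(">QQ", 0, 2**64 - 1) + _string(b"") * 5   # validity; opts, exts, reserved, CA, sig
    return t.decode() + " " + base64.b64encode(body).decode()
```

Host certificates with wildcard principals produce no finding, since the release keeps wildcard matching for those.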

Changes since OpenSSH 10.2
==========================

New features
------------

 * ssh(1), sshd(8): support IANA-assigned codepoints for SSH agent
   forwarding, as per draft-ietf-sshm-ssh-agent. Support for the new
   names is advertised via the EXT_INFO message. If a server offers
   support for the new names, then they are used preferentially.

   Support for the pre-standardisation "@openssh.com" extensions for
   agent forwarding remains.

 * ssh-agent(1): implement support for draft-ietf-sshm-ssh-agent
   "query" extension.
    
 * ssh-add(1): support querying the protocol extensions via the
   agent "query" extension with a new -Q flag.

 * ssh(1): support multiple files in a ssh_config RevokedHostKeys
   directive. bz3918

 * sshd(8): support multiple files in a sshd_config RevokedKeys
   directive bz3918

 * ssh(1): add a ~I escape option that shows information about the
   current SSH connection.
    
 * ssh(1): add an "ssh -Oconninfo user@host" multiplexing command
   that shows connection information, similar to the ~I escape character.

 * ssh(1): add a "ssh -O channels user@host" multiplexing command to
   get a running mux process to show information about what channels
   are currently open.

 * sshd(8): add 'invaliduser' penalty to PerSourcePenalties, which is
   applied to login attempts for usernames that do not match real
   accounts. Defaults to 5s to match 'authfail' but allows
   administrators to block such attempts for longer if desired.

 * sshd(8): add a GssDelegateCreds option for the server, controlling
   whether it accepts delegated credentials offered by the client.
   This option mirrors the GssDelegateCreds option in ssh_config.
   GHPR614

 * ssh(1), sshd(8): support the VA DSCP codepoint in the IPQoS
   directive.

 * sshd(8): convert PerSourcePenalties to using floating point time,
   allowing penalties to be less than a second. This is useful if you
   need to penalise things you expect to occur at >=1 QPS.
    
 * ssh-keygen(1): support writing ED25519 keys in PKCS8 format.
   GHPR570

 * Support the ed25519 signature scheme via libcrypto.

Bugfixes
--------

 * sshd(8): make IPQoS first-match-wins in sshd_config, like other
   configuration directives. bz3924
 
 * sshd(8): fix a potential hang during key exchange if needed DH
   group values were missing from /etc/moduli.

 * ssh-agent(1): fix return values from extensions to be correct wrt
   draft-ietf-sshm-ssh-agent: extension requests should indicate
   failure using SSH_AGENT_EXTENSION_FAILURE rather than the generic
   SSH_AGENT_FAILURE error code. This allows the client to discern
   between "the request failed" and "the agent doesn't support this
   extension".
    
 * ssh(1): use fmprintf for showing challenge-response name and info
   to preserve UTF-8 characters where appropriate. Prompted by github
   PR#452.

 * scp(1): when uploading a directory using sftp/sftp (e.g. during a
   recursive transfer), don't clobber the remote directory
   permissions unless either we created the directory during the
   transfer or the -p flag was set. bz3925
    
 * All: implement missing pieces of FIDO/webauthn signature support,
   mostly related to certificate handling and enable acceptance of this
   signature format by default.  bz3748 GHPR624 GHPR625
    
 * sshd_config(5): make it clear that DenyUsers/DenyGroups overrides
   AllowUsers/AllowGroups. Previously we specified the order in which
   the directives are processed but it was ambiguous as to what
   happened if both matched.
    
 * ssh(1): don't try to match certificates held in an agent to
   private keys. This matching is done to support certificates that
   were loaded without their private key material, but is
   unnecessary for agent-hosted certificates, which always have
   private key material available in the agent. Worse, this matching
   would mess up the request sent to the agent in such a way as to
   break usage of these keys when the key usage was restricted in
   the agent.  bz3752
    
 * sftp(1): if editline has been switched to vi mode (i.e. via "bind
   -v" in .editrc), setup a keybinding so that command mode can be
   entered.
    
 * ssh(1), sshd(8): improve performance of keying the sntrup761 key
   agreement algorithm.
    
 * ssh(1), sshd(8): enforce maximum packet/block limit during
   pre-authentication phase.
    
 * sftp(1): don't misuse the sftp limits extension's open-handles
   field. This value is supposed to be the number of handles a
   server will allow to be opened and not a number of outstanding
   read/write requests that can be sent during an upload/download.
    
 * sshd(8): don't crash at connection time if the main sshd_config
   lacks any subsystem directive but one is defined in a Match block.
   bz#3906
    
 * sshd_config(5): add a warning next to the ForceCommand directive
   that forcing a command doesn't automatically disable forwarding.

 * sshd_config(5): add a warning that TOKENS are replaced without
   filtering or escaping and that it's the administrator's
   responsibility to ensure they are used safely in context.

 * scp(1): correctly quote filenames in verbose output for local->
   local copies. bz3900
    
 * sshd(8): don't mess up the PerSourceNetBlockSize IPv6 mask if
   sscanf didn't decode it. GHPR598
    
 * ssh-add(1): when loading FIDO2 resident keys, set the comment to
   the FIDO application string. This matches the behaviour of
   ssh-keygen -K. GHPR608

 * sshd(8): don't strnvis() log messages that are going to be logged
   by sshd-auth via its parent sshd-session process, as the parent
   will also run them through strnvis(). Prevents double-escaping of
   non-printing characters in some log messages. bz3896
    
 * ssh-agent(1): escape SSH_AUTH_SOCK paths that are sent to the
   shell as setenv commands. Unbreaks ssh-agent for home directory
   paths that contain whitespace. bz3884

 * All: Remove unnecessary checks for ECDSA public key validity.

 * sshd(8): activate UnusedConnectionTimeout only after the last
   channel has closed. Previously UnusedConnectionTimeout could fire
   early after a ChannelTimeout. This was not a problem for the
   OpenSSH client because it terminates once all channels have
   closed but could cause problems for other clients (e.g. API
   clients) that do things differently.  bz3827

 * All: fix PKCS#11 key PIN entry problems introduced in
   openssh-10.1/10.2.  bz3879

 * scp(1): when using the SFTP protocol for transfers, fix implicit
   destination path selection when source path ends with "..". bz3871

 * sftp(1): when tab-completing a filename, ensure that the completed
   string does not end up mid-way through a multibyte character, as
   this will cause a fatal() later on. GHPR#587
    
 * ssh-keygen(1): fix crash at exit (visible via ssh-keygen -D) when
   multiple keys loaded.
    
Portability
-----------

 * sshd(8): immediately report interactive instructions to clients
   when using keyboard-interactive authentication with PAM. bz2876

 * sshd(8): fix duplicate PAM messages under some situations.

 * sshd(8): don't leak PAM handle on repeat invocations. bz3882

 * All: support linking libcrypto implementations (e.g. BoringSSL)
   that require libstdc++.

 * sshd(8): fix ut_type for btmp records, correctly using
   LOGIN_PROCESS and USER_PROCESS.

 * sshd(8): allow uname(3) in the seccomp sandbox. This is needed by
   zlib-ng on RISC-V platforms.

 * All: remove remaining OpenSSL_add_all_algorithms() calls.
   We already have OPENSSL_init_crypto() in the compat layer.
   Prompted by github PR#606

 * All: fix builds on older Mac OS wrt nfds_t.

 * mdoc2man: several improvements including better support for Dl
   and Ns inside Ic.

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.
