Call for testing: OpenSSH 7.6
Damien Miller
djm at mindrot.org
Thu Sep 21 10:47:59 AEST 2017
Hi,
OpenSSH 7.6p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable
Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:
$ ./configure && make tests
Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev at mindrot.org. Security bugs should be reported
directly to openssh at openssh.com.
Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.
Thanks to the many people who contributed to this release.
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh(1): delete SSH protocol version 1 support, associated
configuration options and documentation.
* ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.
* ssh(1)/sshd(8): remove support the arcfour, blowfish and CAST
ciphers.
* Refuse RSA keys <1024 bits in length and improve reporting for keys
that do not meet this requirement.
* ssh(1): do not offer CBC ciphers by default.
Changes since OpenSSH 7.5
=========================
This is primarily a bugfix release. It also contains substantial
internal refactoring.
New Features
------------
* ssh(1): add RemoteCommand option to specify a command in the ssh
config file instead of giving it on the client's command line. This
allows the configuration file to specify the command that will be
executed on the remote host.
* sshd(8): add ExposeAuthInfo option that enables writing details of
the authentication methods used (including public keys where
applicable) to a file that is exposed via a $SSH_USER_AUTH
environment variable in the subsequent session.
* sshd(8): allow LogLevel directive in sshd_config Match blocks;
bz#2717
* ssh-keygen(1): allow inclusion of arbitrary string or flag
certificate extensions and critical options.
* ssh-keygen(1): allow ssh-keygen to use a key held in ssh-agent as
a CA when signing certificates. bz#2377
* ssh(1)/sshd(8): allow IPQoS=none in ssh/sshd to not set an explicit
ToS/DSCP value and just use the operating system default.
* ssh-add(1): added -q option to make ssh-add quiet on success.
* ssh(1): expand the StrictModes option with two new settings. The
first "accept-new" will automatically accept hitherto-unseen keys
but will refuse connections for changed or invalid hostkeys. This
is a safer subset of the current behaviour of StrictModes=no. The
second setting "off", is a synonym for the current behaviour of
StrictModes=no: accept hitherto-unseen keys, and continue connection
for hosts with mismatched/changed hostkeys. A future release will
change the meaning of StrictModes=no to the behaviour of
"accept-new". bz#2400
* ssh(1): add SyslogFacility option to ssh(1) matching the equivalent
option in sshd(8). bz#2705
Bugfixes
--------
* ssh(1): use HostKeyAlias if specified instead of hostname for
matching host certificate principal names; bz#2728
* sftp(1): implement sorting for globbed ls; bz#2649
* ssh(1): add a user at host prefix to client's "Permisison denied"
messages, useful in particular when using "stacked" connections
(e.g. ssh -J) where it's not clear which host is denying. bz#2720
* ssh(1): accept unknown EXT_INFO extension values that contain \0
characters. This is legal, but would previously cause fatal
connection errors if received.
* ssh(1)/sshd(8): repair compression statistics printed at
connection exit
* sftp(1): print '?' instead of incorrect link count (that the
protocol doesn't provide) for remote listings. bz#2710
* ssh(1): return failure rather than fatal() for more cases during
session multiplexing negotiations. Causes the session to fall back
to a non-mux connection if they occur. bz#2707
* ssh(1): mention that the server may send debug messages to explain
public key authentication problems under some circumstances; bz#2709
* Translate OpenSSL error codes to better report incorrect passphrase
errors when loading private keys; bz#2699
* sshd(8): adjust compatibility patterns for WinSCP to correctly
identify versions that implement only the legacy DH group exchange
scheme. bz#2748
* ssh(1): print the "Killed by signal 1" message only at LogLevel
verbose so that it is not shown at the default level; prevents it
from appearing during ssh -J and equivalent ProxyCommand configs.
bz#1906, bz#2744
* ssh-keygen(1): when generating all hostkeys (ssh-keygen -A), clobber
existing keys if they exist but are zero length. zero-length keys
could previously be made if ssh-keygen failed or was interrupted part
way through generating them. bz#2561
* ssh(1): fix pledge(2) violation in the escape sequence "~&" used to
place the current session in the background.
* ssh-keyscan(1): avoid double-close() on file descriptors; bz#2734
* sshd(8): avoid reliance on shared use of pointers shared between
monitor and child sshd processes. bz#2704
* sshd_config(8): document available AuthenticationMethods; bz#2453
* ssh(1): avoid truncation in some login prompts; bz#2768
* sshd(8): Fix various compilations failures, inc bz#2767
* ssh(1): make "--" before the hostname terminate argument processing
after the hostname too.
* ssh-keygen(1): switch from aes256-cbc to aes256-ctr for encrypting
new-style private keys. Fixes problems related to private key
handling for no-OpenSSL builds. bz#2754
* ssh(1): warn and do not attempt to use keys when the public and
private halves do not match. bz#2737
* sftp(1): don't print verbose error message when ssh disconnects
from under sftp. bz#2750
* sshd(8): fix keepalive scheduling problem: activity on a forwarded
port from preventing the keepalive from being sent; bz#2756
* sshd(8): when started without root privileges, don't require the
privilege separation user or path to exist. Makes running the
regression tests easier without touching the filesystem.
* Make integrity.sh regression tests more robust against timeouts.
bz#2658
* ssh(1)/sshd(8): correctness fix for channels implementation: accept
channel IDs greater than 0x7FFFFFFF.
Portability
-----------
* sshd(9): drop two more privileges in the Solaris sandbox:
PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO; bz#2723
* sshd(8): expose list of completed authentication methods to PAM
via the SSH_AUTH_INFO_0 PAM environment variable. bz#2408
* ssh(1)/sshd(8): fix several problems in the tun/tap forwarding code,
mostly to do with host/network byte order confusion. bz#2735
* Add --with-cflags-after and --with-ldflags-after configure flags to
allow setting CFLAGS/LDFLAGS after configure has completed. These
are useful for setting santiser/fuzzing options that may interfere
with configure's operation.
* sshd(8): avoid Linux seccomp violations on ppc64le over the
socketcall syscall.
* Fix use of ldns when using ldns-config; bz#2697
* configure: set cache variables when cross-compiling. The cross-
compiling fallback message was saying it assumed the test passed,
but it wasn't actually set the cache variables and this would
cause later tests to fail.
* Add clang libFuzzer harnesses for public key parsing and signature
verification.
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.
More information about the openssh-unix-dev
mailing list