Call for testing: OpenSSH 8.9
The Doctor
doctor at doctor.nl2k.ab.ca
Wed Feb 16 16:20:01 AEDT 2022
On Thu, Feb 10, 2022 at 03:18:23PM +1100, Damien Miller wrote:
> Hi,
>
> OpenSSH 8.9p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
>
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
>
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
>
> $ ./configure && make tests
>
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
>
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
>
> Thanks to the many people who contributed to this release.
>
> Future deprecation notice
> =========================
>
> A near-future release of OpenSSH will switch scp(1) from using the
> legacy scp/rcp protocol to using SFTP by default.
>
> Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
> "scp host:* .") through the remote shell. This has the side effect of
> requiring double quoting of shell meta-characters in file names
> included on scp(1) command-lines, otherwise they could be interpreted
> as shell commands on the remote side.
>
> This creates one area of potential incompatibility: scp(1) when using
> the SFTP protocol no longer requires this finicky and brittle quoting,
> and attempts to use it may cause transfers to fail. We consider the
> removal of the need for double-quoting shell characters in file names
> to be a benefit and do not intend to introduce bug-compatibility for
> legacy scp/rcp in scp(1) when using the SFTP protocol.
>
> Another area of potential incompatibility relates to the use of remote
> paths relative to other user's home directories, for example -
> "scp host:~user/file /tmp". The SFTP protocol has no native way to
> expand a ~user path. However, sftp-server(8) in OpenSSH 8.7 and later
> support a protocol extension "expand-path at openssh.com" to support
> this.
>
> Potentially-incompatible changes
> ================================
>
> * sshd(8), portable OpenSSH only: this release removes in-built
> support for MD5-hashed passwords. If you require these on your
> system then we recommend linking against libxcrypt or similar.
>
> * This release modifies the FIDO security key middleware interface
> and increments SSH_SK_VERSION_MAJOR.
>
> Changes since OpenSSH 8.8
> =========================
>
> This release includes a number of new features.
>
> New features
> ------------
>
> * ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
> restricting forwarding and use of keys added to ssh-agent(1)
> A detailed description of the feature is available at
> https://www.openssh.com/agent-restrict.html and the protocol
> extensions are documented in the PROTOCOL and PROTOCOL.agent
> files in the source release.
>
> * ssh(1), sshd(8): add the sntrup761x25519-sha512 at openssh.com hybrid
> ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
> default KEXAlgorithms list (after the ECDH methods but before the
> prime-group DH ones).
>
> * ssh-keygen(1): when downloading resident keys from a FIDO token,
> pass back the user ID that was used when the key was created and
> append it to the filename the key is written to (if it is not the
> default). Avoids keys being clobbered if the user created multiple
> resident keys with the same application string but different user
> IDs.
>
> * ssh-keygen(1), ssh(1), ssh-agent(1): better handling for FIDO keys
> on tokens that provide user verification (UV) on the device itself,
> including biometric keys, avoiding unnecessary PIN prompts.
>
> * ssh-keygen(1): add "ssh-keygen -Y match-principals" operation to
> perform matching of principals names against an allowed signers
> file. To be used towards a TOFU model for SSH signatures in git.
>
> * ssh-add(1), ssh-agent(1): allow pin-required FIDO keys to be added
> to ssh-agent(1). $SSH_ASKPASS will be used to request the PIN at
> authentication time.
>
> * ssh-keygen(1): allow selection of hash at sshsig signing time
> (either sha512 (default) or sha256).
>
> * ssh(1), sshd(8): read network data directly to the packet input
> buffer instead indirectly via a small stack buffer. Provides a
> modest performance improvement.
>
> * ssh(1), sshd(8): read data directly to the channel input buffer,
> providing a similar modest performance improvement.
>
> * ssh(1): extend the PubkeyAuthentication configuration directive to
> accept yes|no|unbound|host-bound to allow control over one of the
> protocol extensions used to implement agent-restricted keys.
>
> Bugfixes
> --------
>
> * sshd(8): document that CASignatureAlgorithms, ExposeAuthInfo and
> PubkeyAuthOptions can be used in a Match block. PR#277.
>
> * ssh-keysign(1): unbreak for KEX algorithms that use SHA384/512
> exchange hashes
>
> * ssh(1): don't put the TTY into raw mode when SessionType=none,
> avoids ^C being unable to kill such a session. bz3360
>
> * scp(1): fix some corner-case bugs in SFTP-mode handling of
> ~-prefixed paths.
>
> * ssh(1): unbreak hostbased auth using RSA keys. Allow ssh(1) to
> select RSA keys when only RSA/SHA2 signature algorithms are
> configured (this is the default case). Previously RSA keys were
> not being considered in the default case.
>
> * ssh-keysign(1): make ssh-keysign use the requested signature
> algorithm and not the default for the key type. Part of unbreaking
> hostbased auth for RSA/SHA2 keys.
>
> * ssh(1): stricter UpdateHostkey signature verification logic on
> the client- side. Require RSA/SHA2 signatures for RSA hostkeys
> except when RSA/SHA1 was explicitly negotiated during initial
> KEX; bz3375
>
> * ssh(1), sshd(8): fix signature algorithm selection logic for
> UpdateHostkeys on the server side. The previous code tried to
> prefer RSA/SHA2 for hostkey proofs of RSA keys, but missed some
> cases. This will use RSA/SHA2 signatures for RSA keys if the
> client proposed these algorithms in initial KEX. bz3375
>
> * All: convert all uses of select(2)/pselect(2) to poll(2)/ppoll(2).
> This includes the mainloops in ssh(1), ssh-agent(1), ssh-agent(1)
> and sftp-server(8), as well as the sshd(8) listen loop and all
> other FD read/writability checks. On platforms with missing or
> broken poll(2)/ppoll(2) syscalls as select(2)-based compat shim is
> available.
>
> * ssh-keygen(1): the "-Y find-principals" command was verifying key
> validity when using ca certs but not with simple key lifetimes
> within the allowed signers file.
>
> * ssh-keygen(1): make sshsig verify-time argument parsing optional
>
> * ssh(1), ssh-agent(1): avoid xmalloc(0) for PKCS#11 keyid for ECDSA
> keys (we already did this for RSA keys). Avoids fatal errors for
> PKCS#11 libraries that return empty keyid, e.g. Microchip ATECC608B
> "cryptoauthlib"; bz#3364
>
> * ssh(1), ssh-agent(1): improve the testing of credentials against
> inserted FIDO: ask the token whether a particular key belongs to
> it in cases where the token supports on-token user-verification
> (e.g. biometrics) rather than just assuming that it will accept it.
>
> Will reduce spurious "Confirm user presence" notifications for key
> handles that relate to FIDO keys that are not currently inserted in at
> least some cases. bz3366
>
> * ssh(1), sshd(8): correct value for IPTOS_DSCP_LE. It needs to
> allow for the preceding two ECN bits. bz#3373
>
> * ssh-keygen(1): add missing -O option to usage() for the "-Y sign"
> option.
>
> * ssh-keygen(1): fix a NULL deref when using the find-principals
> function, when matching an allowed_signers line that contains a
> namespace restriction, but no restriction specified on the
> command-line
>
> * ssh-agent(1): fix memleak in process_extension(); oss-fuzz
> issue #42719
>
> * ssh(1): suppress "Connection to xxx closed" messages when LogLevel
> is set to "error" or above. bz3378
>
> * ssh(1), sshd(8): use correct zlib flags when inflate(3)-ing
> compressed packet data. bz3372
>
> * scp(1): when recursively transferring files in SFTP mode, create the
> destination directory if it doesn't already exist to match scp(1) in
> legacy RCP mode behaviour.
>
> * scp(1): many improvements in error message consistency between scp(1)
> in SFTP mode vs legacy RCP mode.
>
> * sshd(8): fix potential race in SIGTERM handling PR#289
>
> * ssh(1), ssh(8): since DSA keys are deprecated, move them to the
> end of the default list of public keys so that they will be tried
> last. PR#295
>
> * ssh-keygen(1): allow 'ssh-keygen -Y find-principals' to match
> wildcard principals in allowed_signers files
>
> Portability
> -----------
>
> * ssh(1), sshd(8): don't trust closefrom(2) on Linux. glibc's
> implementation does not work in a chroot when the kernel does not
> have close_range(2). It tries to read from /proc/self/fd and when
> that fails dies with an assertion of sorts. Instead, call
> close_range(2) directly from our compat code and fall back if
> that fails. bz#3349,
>
> * OS X poll(2) is broken; use compat replacement. For character-
> special devices like /dev/null, Darwin's poll(2) returns POLLNVAL
> when polled with POLLIN. Apparently this is Apple bug 3710161 -
> not public but a websearch will find other OSS projects
> rediscovering it periodically since it was first identified in
> 2005.
>
> * Correct handling of exceptfds/POLLPRI in our select(2)-based
> poll(2)/ppoll(2) compat implementation.
>
> * Cygwin: correct checking of mbstowcs() return value.
>
> * Add a basic SECURITY.md that refers people to the openssh.com
> website.
>
> * Enable additional compiler warnings and toolchain hardening flags,
> including -Wbitwise-instead-of-logical, -Wmisleading-indentation,
> -fzero-call-used-regs and -ftrivial-auto-var-init.
>
> * HP/UX. Use compat getline(3) on HP-UX 10.x, where the libc version
> is not reliable.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
OpenSSH_8.8p1-snap20220216, OpenSSL 1.1.1m+quic 14 Dec 2021
Working in FreeBSD 13.0-p7
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
Do they do as the Word said, or as the world said? -unknown Beware https://mindspring.com
More information about the openssh-unix-dev
mailing list