Call for testing: OpenSSH 10.1p1

Predrag Zečević predrag.zecevic.1961 at googlemail.com
Wed Oct 1 17:16:08 AEST 2025


Hi Damien,

Tested compilation of openssh-SNAP-20250930.tar.gz on OpenIndiana:
* :; uname -rosv
SunOS 5.11 illumos-da3b00f42a illumos
* GCC 14 (and GCC 13 was tested too)
* custom: OpenSSL 3.5.3, OpenLDAP 2.6.10, Keberos5-1.21.3

compilation went fine (no error):
:; ssh -V
OpenSSH_10.0p2-snap20250930, OpenSSL 3.5.3 16 Sep 2025

When running tests, a lot of scripts throw warning, like:
openssh-SNAP-20250930/regress/agent-timeout.sh: warning: line 9: `...` 
obsolete, use $(...)

etc

Even if I set "WarnWeakCrypto no" in my config 
(https://www.openssh.com/pq.html) to avoid connection warning I have 
noticed:

* connection to CentOS 9 (openssh 9.9p1) works w/o issues
* connection to CentOS 8 (openssh 8.0p1) introduces some issues (slow 
connection and interaction on remote node - like it (ssh) spends some 
time in some loop). Have not tried connection to older systems (with 
older openssh), so I was forced to go back to version 10.0p2
* 'make test' runs fine, but terminates with strange error:
...
ok basic sftp put/get 
  

run test sftp-chroot.sh ... 
  

test sftp in chroot: get 
  

FATAL: Fetch testdata_predrag_zecevic.179304 failed 
  

rm: cannot remove '/var/run/testdata_predrag_zecevic.179304': Permission 
denied

Regards.

P.S. any hint how I can see where is problem (w/o need to change 
anything on remote side/server) would be appreciated

On 2025-09-30 15:45, Damien Miller wrote:
> Hi,
> 
> OpenSSH 10.1p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible.
> 
> Snapshot releases for portable OpenSSH are available from
> http://www.mindrot.org/openssh_snap/
> 
> The OpenBSD version is available in CVS HEAD:
> http://www.openbsd.org/anoncvs.html
> 
> Portable OpenSSH is also available via git using the
> instructions at http://www.openssh.com/portable.html#cvs
> At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
> https://github.com/openssh/openssh-portable
> 
> Running the regression tests supplied with Portable OpenSSH does not
> require installation and is a simply:
> 
> $ ./configure && make tests
> 
> Live testing on suitable non-production systems is also appreciated.
> Please send reports of success or failure to
> openssh-unix-dev at mindrot.org. Security bugs should be reported
> directly to openssh at openssh.com.
> 
> Below is a summary of changes. More detail may be found in the ChangeLog
> in the portable OpenSSH tarballs.
> 
> Thanks to the many people who contributed to this release.
> 
> Potentially-incompatible changes
> --------------------------------
> 
>   * ssh(1): add a warning when the connection negotiates a non-post
>     quantum key agreement algorithm.
> 
>     This warning has been added due to the risk of "store now, decrypt
>     later" attacks. More details at https://openssh.com/pq.html
> 
>     This warning may be controlled via a new WarnWeakCrypto ssh_config
>     option, defaulting to on. This option is likely to control
>     additional weak crypto warnings in the future.
> 
>   * ssh(1), sshd(8): major changes to handling of DSCP marking/IPQoS
> 
>     Both the client and the server have changed the default DCSP
>     (a.k.a IPQos) values and the way these values are selected at
>     runtime.
> 
>     Both endpoints now use Expedited Forward (EF) for interactive
>     traffic by default. This provides better prioritisation,
>     especially on wireless media (cf. RFC 8325). Non-interactive
>     traffic now uses the operating system default DSCP marking.
>     Both the interactive and non-interactive DSCP values may be
>     overridden via the IPQoS keyword in ssh_config(5) and
>     sshd_config(5).
> 
>     The DSCP value selected may now change over the course of a
>     connection. ssh(1) and sshd(8) will automatically select between
>     the interactive and non-interactive IPQoS values depending on
>     the type of SSH channels open. E.g. if a sftp session is using
>     the connectionn, then the non-interactive value will be used.
> 
>     This is important now that the default interactive IPQoS is EF
>     (Expedited Forwarding), as many networks are configured to allow
>     only relatively small amounts of traffic of this class and they will
>     aggressively deprioritise the entire connection if this is exceeded.
> 
>   * ssh-add(1): when adding certificates to an agent, set the expiry
>     to the certificate expiry time plus a short (5 min) grace period.
> 
>     This will cause the agent to automtically remove certificates shortly
>     after they expire. A new ssh-add -N option disables this behaviour.
> 
>   * All: remove experimental support for XMSS keys. This was never
>     enabled by default. We expect to implement a new post-quantu
>     signature scheme in the near future.
> 
>   * ssh(1), sshd(8): deprecate support for IPv4 type-of-service (TOS)
>     keywords in the IPQoS configuration directive.
> 
>     Type of Service (ToS) was deprecated in the late nineties and
>     replaced with the Differentiated Services architecture. Diffserv
>     has significant advantages for operators because this mechanism
>     offers more granularity.
> 
>     OpenSSH switched its default IPQoS from ToS to DSCP values in 2018.
> 
>     IPQoS configurations with 'lowdelay', 'reliability', or
>     'throughput' will be ignored and instead the system default QoS
>     settings apply. Additionally, a debug message is logged about the
>     deprecation with a suggestion to use DSCP.
> 
>   * ssh-agent(1), sshd(8): move agent listener sockets from /tmp to
>     under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets
>     in sshd(8).
> 
>     This ensures processes that have restricted filesystem access
>     that includes /tmp do not ambiently have the ability to use keys
>     in an agent.
> 
>     Moving the default directory has the consequence that the OS will
>     no longer clean up stale agent sockets, so ssh-agent now gains
>     this ability.
> 
>     To support $HOME on NFS, the socket path includes a truncated hash of
>     the hostname. ssh-agent will by default only clean up sockets from
>     the same hostname.
> 
>     ssh-agent(1) gains some new flags: -U suppresses the automatic
>     cleanup of stale sockets when it starts. -u forces a cleanup
>     without keeping a running agent, -uu forces a cleanup that ignores
>     the hostname. -T makes ssh-agent put the socket back in /tmp.
> 
> Changes since OpenSSH 10.0
> ==========================
> 
> New features
> ------------
> 
>   * ssh(1), sshd(8): add SIGINFO handlers to log active channel and
>     session information.
> 
>   * sshd(8): when refusing a certificate for user authentication, log
>     enough information to identify the certificate in addition to the
>     reason why it was being denied. Makes debugging certificate
>     authorisation problems a bit easier.
> 
>   * ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11
>     tokens.
> 
>   * ssh(1): add a ssh_config(5) RefuseConnection option that, when
>      encountered while processing an active section in a
>      configuration terminates ssh(1) with an error message that
>      contains the argument to the option.
> 
>      This may be useful for expressing reminders or warnings in config
>      files, for example:
> 
>      Match host foo
>             RefuseConnection "foo is deprecated, use splork instead"
> 
>   * sshd(8): make the X11 display number check relative to
>     X11DisplayOffset. This will allows people to use X11DisplayOffset
>     to configure much higher port ranges if they really want, while
>     not changing the default behaviour.
> 
>   * unit tests: the unit test framework now includes some basic
>     benchmarking capabilities. Run with "make UNITTEST_BENCHMARK=yes"
>     on OpenBSD or "make unit-bench" on Portable OpenSSH.
> 
> Bugfixes
> --------
> 
>   * sshd(8): fix mistracking of MaxStartups process exits in some
>     situations. At worst, this could cause all MaxStartups slots to
>     fill and sshd to refuse new connections.
> 
>   * ssh(1): fix delay on X client startup when ObscureKeystrokeTiming
>     is enabled. bz#3820
> 
>   * sshd(8): increase the maximum size of the supported configuration
>     from 256KB to 4MB, which ought to be enough for anybody. Fail
>     early and visibly when this limit is breached. bz3808
> 
>   * sftp(1): during sftp uploads, avoid a condition where a failed
>     write could be ignored if a subsequent write succeeded. This is
>     unlikely but technically possible because sftp servers are
>     allowed to reorder requests.
> 
>   * sftp(1): avoid a fatal() when sftp tab-completes filenames that
>     share common utf-8 characters that don't encode to a complete
>     codepoint.
> 
>   * sshd(8): avoid a race condition when the sshd-auth process exits
>     tha could cause a spurious error message to be logged.
> 
>   * sshd(8): log at level INFO when PerSourcePenalties actually
>     blocks access to a source address range. Previously this was
>     logged at level VERBOSE, which hid enforcement actions under
>     default config settings.
> 
>   * sshd(8): GssStrictAcceptor was missing from sshd -T output; fix
> 
>   * sshd(8): Make the MaxStartups and PerSourceNetBlockSize options
>     first-match-wins as advertised. bz3859
> 
>   * ssh(1): fix an incorrect return value check in the local forward
>     cancellation path that would cause failed cancellations not to be
>     logged.
> 
>   * sshd(8): make "Match !final" not trigger a 2nd pass ssh_config
>     parsing pass (unless hostname canonicalisation or a separate
>     "Match final" does). bz3843
> 
>   * ssh(1): better debug diagnostics when loading keys. Will now list
>     key fingerprint and algorithm (not just algorithm number) as well
>     as making it explicit which keys didn't load.
> 
>   * All: fix a number of memory leaks found by LeakSanitizer,
>     Coverity and manual inspection.
> 
>   * sshd(8): : Output the current name for PermitRootLogin's
>     "prohibit-password" in sshd -T instead of its deprecated alias
>     "without-password".  bz#3788
> 
>   * ssh(1): make writing known_hosts lines more atomic by writing
>     the entire line in one operation and using unbuffered stdio.
> 
>     Usually writes to this file are serialised on the "Are you sure you
>     want to continue connecting?" prompt, but if host key checking is
>     disabled and connections were being made with high concurrency
>     then interleaved writes might have been possible.
> 
> Portability
> -----------
> 
>   * sshd(8): check the username didn't change during the PAM
>     transactions.
> 
>     PAM modules can change the user during their execution, but
>     this is not supported by sshd(8). If such a case was incorrectly
>     configured by the system administrator, then sshd(8) could end up
>     using a different username to the one authorised by PAM.
> 
>   * sshd(8): don't log audit messages with UNKNOWN hostname to avoid
>     slow DNS lookups in the audit subsystem.
> 
>   * All: when making a copy of struct passwd, ensure struct fields are
>     non-NULL. Android libc can return NULL pw_gecos, for example.
> 
>   * All: Remove status bits from OpenSSL >=3 version check.
> 
>   * sshd(8), ssh(1): Use SSH_TUN_COMPAT_AF on FreeBSD. Otherwise tun
>     forwarding from other OSes fails as soon as the first IPv6 message
>     is sent by the other side (which is usually a Router Solicitation
>     ICMPv6 message which is sent as soon as the interface is up).
> 
>   * ssh(1), ssh-agent(8): check for nlist function presence before
>     attenmpting to use it instead of relying on the presence of the
>     nlist.h header.  Mac OS X, in particular has the header, but only
>     has the function in the 32bit libraries.
> 
>   * All: fill in missing system header files.
> 
>     Create replacement header files inside openbsd-compat for common
>     headers that are missing on a given platform. Usually these are
>     just empty, but in some cases they'll include the equivalent file.
>     This avoids having to wrap those includes in '#ifdef HAVE_FOO_H'
>     and reduces the diff between Portable OpenSSH and OpenBSD.
> 
>   * sshd(8): handle futex_time64 properly in seccomp sandbox
>     Previously we only allowed __NR_futex, but some 32-bit systems
>     apparently support __NR_futex_time64. We had support for this
>     in the sandbox, but because of a macro error only __NR_futex was
>     allowlisted.
> 
>   * Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API.
> 
>   * sshd(8): let ga_init() fail gracefully if getgrouplist does.
>     Apparently getgrouplist() can fail on OSX when passed a
>     non-existent group name. Other platforms seem to return a group
>     list consisting of the numeric gid passed to the function. bz3848
> 
>   * ssh-agent(1): exit 0 from SIGTERM under systemd socket-activation,
>     preventing a graceful shutdown of an agent via systemd from
>     incorrectly marking the service as "failed".
> 
>   * build: wrap some autoconf macros in AC_CACHE_CHECK.
> 
>     This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE and
>     OSSH_CHECK_CFLAG_LINK macros used to discover supported compiler
>     or linker flags. E.g.
> 
>       $ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no
>       [...]
>       checking if cc supports compile flag -fzero-call-used-regs=used and linking succeeds... (cached) no
> 
> Reporting Bugs:
> ===============
> 
> - Please read https://www.openssh.com/report.html
>    Security bugs should be reported directly to openssh at openssh.com
> 
> OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
> Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
> Tim Rice and Ben Lindstrom.
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Predrag Zečević



More information about the openssh-unix-dev mailing list