===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/43.html,v
retrieving revision 1.101
retrieving revision 1.102
diff -c -r1.101 -r1.102
*** www/43.html 2019/05/27 22:55:18 1.101
--- www/43.html 2019/05/31 13:15:31 1.102
***************
*** 294,300 ****
"ChrootDirectory". Please refer to
sshd_config(5)
for details, and
! please use this feature carefully.
Linked
sftp-server(8)
into
--- 294,300 ----
"ChrootDirectory". Please refer to
sshd_config(5)
for details, and
! please use this feature carefully.
Linked
sftp-server(8)
into
***************
*** 304,327 ****
internal sftp server requires no special configuration of files
inside the chroot environment. Please refer to
sshd_config(5)
! for more information.
Added a protocol extension method "posix-rename@openssh.com" for
sftp-server(8)
! to perform POSIX atomic rename() operations.
Removed the fixed limit of 100 file handles in
sftp-server(8).
The server will now dynamically allocate handles up to the number of
! available file descriptors.
ssh(1)
will now skip generation of SSH protocol 1 ephemeral server
keys when in inetd mode and protocol 2 connections are negotiated.
This speeds up protocol 2 connections to inetd-mode servers that
! also allow Protocol 1.
Accept the PermitRootLogin directive in a
sshd_config(5)
Match
block. Allows for, e.g. permitting root only from the local
! network.
Reworked
sftp(1)
argument splitting and escaping to be more
--- 304,327 ----
internal sftp server requires no special configuration of files
inside the chroot environment. Please refer to
sshd_config(5)
! for more information.
Added a protocol extension method "posix-rename@openssh.com" for
sftp-server(8)
! to perform POSIX atomic rename() operations.
Removed the fixed limit of 100 file handles in
sftp-server(8).
The server will now dynamically allocate handles up to the number of
! available file descriptors.
ssh(1)
will now skip generation of SSH protocol 1 ephemeral server
keys when in inetd mode and protocol 2 connections are negotiated.
This speeds up protocol 2 connections to inetd-mode servers that
! also allow Protocol 1.
Accept the PermitRootLogin directive in a
sshd_config(5)
Match
block. Allows for, e.g. permitting root only from the local
! network.
Reworked
sftp(1)
argument splitting and escaping to be more
***************
*** 330,343 ****
sh(1).
Please note that this will change the
interpretation of some quoted strings, especially those with
! embedded backslash escape sequences.
Support "Banner=none" in
sshd_config(5)
to disable sending of a
! pre-login banner (e.g. in a Match block).
ssh(1)
ProxyCommands are now executed with $SHELL rather than
! /bin/sh.
ssh(1)'s
ConnectTimeout option is now applied to both the TCP
connection and the SSH banner exchange (previously it just covered
--- 330,343 ----
sh(1).
Please note that this will change the
interpretation of some quoted strings, especially those with
! embedded backslash escape sequences.
Support "Banner=none" in
sshd_config(5)
to disable sending of a
! pre-login banner (e.g. in a Match block).
ssh(1)
ProxyCommands are now executed with $SHELL rather than
! /bin/sh.
ssh(1)'s
ConnectTimeout option is now applied to both the TCP
connection and the SSH banner exchange (previously it just covered
***************
*** 346,374 ****
to better detect
and deal with stuck servers that accept a TCP connection but don't
progress the protocol, and also makes ConnectTimeout useful for
! connections via a ProxyCommand.
Many new regression tests, including interop tests against PuTTY's
! plink.
!
The following significant bugs have been fixed in this release:
- SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the client
keepalive logic, causing disconnections on servers that did not
! explicitly implement "keepalive@openssh.com".
- ssh(1)
used the obsolete SIG DNS RRtype for host keys in DNS,
! instead of the current standard RRSIG.
- Correctly drain ACKs when a
sftp(1)
upload write fails midway,
! avoids a fatal() exit from what should be a recoverable condition.
- Fixed packet size advertisements. Previously TCP and agent
forwarding incorrectly advertised the channel window size as the
! packet size, causing fatal errors under some conditions.
- Many more bugfixes. Please refer to the
Release Notes.
!
!
--- 346,374 ----
to better detect
and deal with stuck servers that accept a TCP connection but don't
progress the protocol, and also makes ConnectTimeout useful for
! connections via a ProxyCommand.
Many new regression tests, including interop tests against PuTTY's
! plink.
!
The following significant bugs have been fixed in this release:
- SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the client
keepalive logic, causing disconnections on servers that did not
! explicitly implement "keepalive@openssh.com".
- ssh(1)
used the obsolete SIG DNS RRtype for host keys in DNS,
! instead of the current standard RRSIG.
- Correctly drain ACKs when a
sftp(1)
upload write fails midway,
! avoids a fatal() exit from what should be a recoverable condition.
- Fixed packet size advertisements. Previously TCP and agent
forwarding incorrectly advertised the channel window size as the
! packet size, causing fatal errors under some conditions.
- Many more bugfixes. Please refer to the
Release Notes.
!
!