| version 1.15, 2024/03/23 14:06:26 |
version 1.16, 2024/03/23 18:46:47 |
|
|
| </ul> |
</ul> |
| </ul> |
</ul> |
| |
|
| <li>OpenSSH 9.x and OpenSSH 9.x |
<li>OpenSSH 9.6 and OpenSSH 9.7 |
| <ul> |
<ul> |
| <li>Potentially incompatible changes |
<li>Security fixes |
| <ul> |
<ul> |
| <li>... |
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: implement protocol extensions to thwart the |
| |
so-called "Terrapin attack" discovered by Fabian Bäumer, Marcus |
| |
Brinkmann and Jörg Schwenk. This attack allows a MITM to effect a |
| |
limited break of the integrity of the early encrypted SSH transport |
| |
protocol by sending extra messages prior to the commencement of |
| |
encryption, and deleting an equal number of consecutive messages |
| |
immediately after encryption starts. A peer SSH client/server |
| |
would not be able to detect that messages were deleted. |
| |
|
| |
<br>While cryptographically novel, the security impact of this attack |
| |
is fortunately very limited as it only allows deletion of |
| |
consecutive messages, and deleting most messages at this stage of |
| |
the protocol prevents user user authentication from proceeding and |
| |
results in a stuck connection. |
| |
|
| |
<br>The most serious identified impact is that it lets a MITM to |
| |
delete the SSH2_MSG_EXT_INFO message sent before authentication |
| |
starts, allowing the attacker to disable a subset of the keystroke |
| |
timing obfuscation features introduced in OpenSSH 9.5. There is no |
| |
other discernable impact to session secrecy or session integrity. |
| |
|
| |
<li><a href='https://man.openbsd.org/ssh-agent.1'>ssh-agent(1)</a>: when adding PKCS#11-hosted private keys while |
| |
specifying destination constraints, if the PKCS#11 token returned |
| |
multiple keys then only the first key had the constraints applied. |
| |
Use of regular private keys, FIDO tokens and unconstrained keys |
| |
are unaffected. |
| |
|
| |
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>: if an invalid user or hostname that contained shell |
| |
metacharacters was passed to <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, and a ProxyCommand, |
| |
LocalCommand directive or "match exec" predicate referenced the |
| |
user or hostname via %u, %h or similar expansion token, then |
| |
an attacker who could supply arbitrary user/hostnames to <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a> |
| |
could potentially perform command injection depending on what |
| |
quoting was present in the user-supplied <a href='https://man.openbsd.org/ssh_config.5'>ssh_config(5)</a> directive. |
| |
|
| |
<br>OpenSSH 9.6 now |
| |
bans most shell metacharacters from user and hostnames supplied |
| |
via the command-line. This countermeasure is not guaranteed to be |
| |
effective in all situations, as it is infeasible for <a href='https://man.openbsd.org/ssh.1'>ssh(1)</a> to |
| |
universally filter shell metacharacters potentially relevant to |
| |
user-supplied commands. |
| |
|
| |
<br>User/hostnames provided via <a href='https://man.openbsd.org/ssh_config.5'>ssh_config(5)</a> are not subject to these |
| |
restrictions, allowing configurations that use strange names to |
| |
continue to be used, under the assumption that the user knows what |
| |
they are doing in their own configuration files. |
| </ul> |
</ul> |
| <li>New features |
<li>New features |
| <ul> |
<ul> |
| <li>... |
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: add a "global" ChannelTimeout type that watches |
| |
all open channels and will close all open channels if there is no |
| |
traffic on any of them for the specified interval. This is in |
| |
addition to the existing per-channel timeouts added recently. |
| |
<br>This supports situations like having both session and x11 |
| |
forwarding channels open where one may be idle for an extended |
| |
period but the other is actively used. The global timeout could |
| |
close both channels when both have been idle for too long. |
| |
|
| |
<li>All: make DSA key support compile-time optional, defaulting to on. |
| </ul> |
</ul> |
| <li>Bugfixes |
<li>Bugfixes |
| <ul> |
<ul> |
| <li>... |
<li><a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: don't append an unnecessary space to the end of subsystem |
| |
arguments (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3667'>bz3667</a>) |
| |
|
| |
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>: fix the multiplexing "channel proxy" mode, broken when |
| |
keystroke timing obfuscation was added. (<a href='https://github.com/openssh/openssh-portable/pull/463'>GHPR#463</a>) |
| |
|
| |
<li><a href='https://man.openbsd.org/ssh.1'>ssh(1)</a>, <a href='https://man.openbsd.org/sshd.8'>sshd(8)</a>: fix spurious configuration parsing errors when |
| |
options that accept array arguments are overridden (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3657'>bz3657</a>). |
| |
|
| |
<li><a href='https://man.openbsd.org/ssh-agent.1'>ssh-agent(1)</a>: fix potential spin in signal handler (<a href='https://bugzilla.mindrot.org/show_bug.cgi?id=3670'>bz3670</a>) |
| |
|
| |
<li>Many fixes to manual pages and other documentation, including |
| |
<a href='https://github.com/openssh/openssh-portable/pull/462'>GHPR#462</a>, <a href='https://github.com/openssh/openssh-portable/pull/454'>GHPR#454</a>, <a href='https://github.com/openssh/openssh-portable/pull/442'>GHPR#442</a> and <a href='https://github.com/openssh/openssh-portable/pull/441'>GHPR#441</a>. |
| |
|
| |
<li>Greatly improve interop testing against PuTTY. |
| </ul> |
</ul> |
| </ul> |
</ul> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to 75.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www