OpenSSH 6.9 was released on 2015-07-01. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html Future Deprecation Notice ========================= The 7.0 release of OpenSSH, due for release in late July, will deprecate several features, some of which may affect compatibility or existing configurations. The intended changes are as follows: * The default for the sshd_config(5) PermitRootLogin option will change from "yes" to "no". * Support for the legacy version 1.x of the SSH protocol will be disabled at compile time by default. * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange will be run-time disabled by default. * Support for ssh-dss, ssh-dss-cert-* host and user keys will be run-time disabled by default. * Support for the legacy v00 cert format will be removed * Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES * Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits) This list reflects our current intentions, but please check the final release notes for OpenSSH 7.0 when it is released. Changes since OpenSSH 6.8 ========================= This is primarily a bugfix release. Security -------- * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh(1) coupled with "fail open" behaviour in the X11 server when clients attempted connections with expired credentials. This problem was reported by Jann Horn. * ssh-agent(1): fix weakness of agent locking (ssh-add -x) to password guessing by implementing an increasing failure delay, storing a salted hash of the password rather than the password itself and using a timing-safe comparison function for verifying unlock attempts. This problem was reported by Ryan Castellucci. New Features ------------ * ssh(1), sshd(8): promote chacha20-poly1305@openssh.com to be the default cipher * sshd(8): support admin-specified arguments to AuthorizedKeysCommand; bz#2081 * sshd(8): add AuthorizedPrincipalsCommand that allows retrieving authorized principals information from a subprocess rather than a file. * ssh(1), ssh-add(1): support PKCS#11 devices with external PIN entry devices bz#2240 * sshd(8): allow GSSAPI host credential check to be relaxed for multihomed hosts via GSSAPIStrictAcceptorCheck option; bz#928 * ssh-keygen(1): support "ssh-keygen -lF hostname" to search known_hosts and print key hashes rather than full keys. * ssh-agent(1): add -D flag to leave ssh-agent in foreground without enabling debug mode; bz#2381 Bugfixes -------- * ssh(1), sshd(8): deprecate legacy SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message and do not try to use it against some 3rd-party SSH implementations that use it (older PuTTY, WinSCP). * Many fixes for problems caused by compile-time deactivation of SSH1 support (including bz#2369) * ssh(1), sshd(8): cap DH-GEX group size at 4Kbits for Cisco implementations as some would fail when attempting to use group sizes >4K; bz#2209 * ssh(1): fix out-of-bound read in EscapeChar configuration option parsing; bz#2396 * sshd(8): fix application of PermitTunnel, LoginGraceTime, AuthenticationMethods and StreamLocalBindMask options in Match blocks * ssh(1), sshd(8): improve disconnection message on TCP reset; bz#2257 * ssh(1): remove failed remote forwards established by muliplexing from the list of active forwards; bz#2363 * sshd(8): make parsing of authorized_keys "environment=" options independent of PermitUserEnv being enabled; bz#2329 * sshd(8): fix post-auth crash with permitopen=none; bz#2355 * ssh(1), ssh-add(1), ssh-keygen(1): allow new-format private keys to be encrypted with AEAD ciphers; bz#2366 * ssh(1): allow ListenAddress, Port and AddressFamily configuration options to appear in any order; bz#86 * sshd(8): check for and reject missing arguments for VersionAddendum and ForceCommand; bz#2281 * ssh(1), sshd(8): don't treat unknown certificate extensions as fatal; bz#2387 * ssh-keygen(1): make stdout and stderr output consistent; bz#2325 * ssh(1): mention missing DISPLAY environment in debug log when X11 forwarding requested; bz#1682 * sshd(8): correctly record login when UseLogin is set; bz#378 * sshd(8): Add some missing options to sshd -T output and fix output of VersionAddendum and HostCertificate. bz#2346 * Document and improve consistency of options that accept a "none" argument" TrustedUserCAKeys, RevokedKeys (bz#2382), AuthorizedPrincipalsFile (bz#2288) * ssh(1): include remote username in debug output; bz#2368 * sshd(8): avoid compatibility problem with some versions of Tera Term, which would crash when they received the hostkeys notification message (hostkeys-00@openssh.com) * sshd(8): mention ssh-keygen -E as useful when comparing legacy MD5 host key fingerprints; bz#2332 * ssh(1): clarify pseudo-terminal request behaviour and use make manual language consistent; bz#1716 * ssh(1): document that the TERM environment variable is not subject to SendEnv and AcceptEnv; bz#2386 Portable OpenSSH ---------------- * sshd(8): Format UsePAM setting when using sshd -T, part of bz#2346 * Look for '${host}-ar' before 'ar', making cross-compilation easier; bz#2352. * Several portable compilation fixes: bz#2402, bz#2337, bz#2370 * moduli(5): update DH-GEX moduli Checksums: ========== - SHA1 (openssh-6.9.tar.gz) = cd5fcb93411025bbc4b4b57753b622769dfb1e0d - SHA256 (openssh-6.9.tar.gz) = itCMw0aE/xvrGKWhzRD2UM/9kzIOyFaH2dIWMfX8agQ= - SHA1 (openssh-6.9p1.tar.gz) = 86ab57f00d0fd9bf302760f2f6deac1b6e9df265 - SHA256 (openssh-6.9p1.tar.gz) = bgdN9TjzV9RAvmz5PcWBoh8i054jbyF/zY6su2yJbP4= Please note that the PGP key used to sign releases was recently rotated. The new key has been signed by the old key to provide continuity. It is available from the mirror sites as RELEASE_KEY.asc. Reporting Bugs: =============== - Please read http://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom.