Hi Dan, Dan Fuhry : > I've noticed that OpenSSH 7.7 adds stricter validation of user > environment strings from authorized_keys files. While strict > validation is a good thing from a security perspective, this new > change specifically blocks underscores which are common to include in > a user environment string. This results in the key being rejected > outright. Including underscores in a user environment is a relatively > common use case, for example setting LC_ALL. Looks like this issue was fixed already : https://github.com/openssh/openssh-portable/commit/484fc023af92ee30bc99eb9798235a00e8f929cc commit 484fc023af92ee30bc99eb9798235a00e8f929cc Author: djm@xxxxxxxxxxx <djm@xxxxxxxxxxx> Date: Fri Apr 6 04:15:45 2018 +0000 upstream: relax checking of authorized_keys environment="..." options to allow underscores in variable names (regression introduced in 7.7). bz2851, ok deraadt@ OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c >From what I see, there has been no release after that though. Latest release is 7.7 and does not have the patch. Hope this helps, Flavien. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev