Dear Damien, Is it still possible to include the ssh_config improvements which I proposed last Sunday on this mailing list? For your convenience, I also created a pull request: https://github.com/openssh/openssh-portable/pull/231 Best regards, Volker Damien Miller wrote: > Hi, > > OpenSSH 8.5p1 is almost ready for release, so we would appreciate testing > on as many platforms and systems as possible. This is a bugfix release. > > Snapshot releases for portable OpenSSH are available from > http://www.mindrot.org/openssh_snap/ > > The OpenBSD version is available in CVS HEAD: > http://www.openbsd.org/anoncvs.html > > Portable OpenSSH is also available via git using the > instructions at http://www.openssh.com/portable.html#cvs > At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github: > https://github.com/openssh/openssh-portable > > Running the regression tests supplied with Portable OpenSSH does not > require installation and is a simply: > > $ ./configure && make tests > > Live testing on suitable non-production systems is also appreciated. > Please send reports of success or failure to > openssh-unix-dev@xxxxxxxxxxx. Security bugs should be reported > directly to openssh@xxxxxxxxxxx. > > Below is a summary of changes. More detail may be found in the ChangeLog > in the portable OpenSSH tarballs. > > Thanks to the many people who contributed to this release. > > Security > ======== > > * Portable sshd(8): Prevent excessively long username going to PAM. > > This is a mitigation for a buffer overflow in Solaris' PAM username > handling (CVE-2020-14871), and is only enabled for Sun-derived PAM > implementations. This is not a problem in sshd itself, it only > prevents sshd from being used as a vector to attack Solaris' PAM. > It does not prevent the bug in PAM from being exploited via some > other PAM application. GHPR#212 > > Potentially-incompatible changes > ================================ > > This release includes a number of changes that may affect existing > configurations: > > * ssh(1), sshd(8): this release changes the first-preference signature > algorithm from ECDSA to ED25519. > > * ssh(1), sshd(8): set the TOS/DSCP specified in the configuration > for interactive use prior to TCP connect. The connection phase of > the SSH session is time-sensitive and often explicitly interactive. > The ultimate interactive/bulk TOS/DSCP will be set after > authentication completes. > > * ssh(1), sshd(8): remove the pre-standardization cipher > rijndael-cbc@xxxxxxxxxxxxxx. It is an alias for aes256-cbc before > it was standardized in RFC4253 (2006), has been deprecated and > disabled by default since OpenSSH 7.2 (2016) and was only briefly > documented in ssh.1 in 2001. > > * ssh(1), sshd(8): update/replace the experimental post-quantum > hybrid key exchange method based on Streamlined NTRU Prime coupled > with X25519. > > The previous sntrup4591761x25519-sha512@xxxxxxxxxxx method is > replaced with sntrup761x25519-sha512@xxxxxxxxxxx. Per its > designers, the sntrup4591761 algorithm was superseded almost two > years ago by sntrup761. > > (note this both the updated method and the one that it replaced are > disabled by default) > > * ssh(1): disable CheckHostIP by default. It provides insignificant > benefits while making key rotation significantly more difficult, > especially for hosts behind IP-based load-balancers. > > Changes since OpenSSH 8.4 > ========================= > > New features > ------------ > > * ssh(1): this release enables UpdateHostkeys by default subject to > some conservative preconditions: > - The key was matched in the UserKnownHostsFile (and not in the > GlobalKnownHostsFile). > - The same key does not exist under another name. > - A certificate host key is not in use. > - known_hosts contains no matching wildcard hostname pattern. > - VerifyHostKeyDNS is not enabled. > > We expect some of these conditions will be modified or relaxed in > future. > > * ssh(1), sshd(8): add a new LogVerbose configuration directive for > that allows forcing maximum debug logging by file/function/line > pattern-lists. > > * ssh(1): when prompting the user to accept a new hostkey, display > any other host names/addresses already associated with the key. > > * ssh(1): allow UserKnownHostsFile=none to indicate that no > known_hosts file should be used to identify host keys. > > * ssh(1): add a ssh_config KnownHostsCommand that allows the client > to obtain known_hosts data from a command in addition to the usual > files. > > * ssh(1): for FIDO keys, if a signature operation fails with a > "incorrect PIN" reason and no PIN was initially requested from the > user, then request a PIN and retry the operation. This supports > some biometric devices that fall back to requiring PIN when reading > of the biometric failed, and devices that require PINs for all > hosted credentials. > > * sshd(8): implement client address-based rate-limiting via new > sshd_config(5) PerSourceMaxStartups and PerSourceNetBlockSize > directives that fine-grained control than the global MaxStartups > limit. > > Bugfixes > -------- > > * ssh(1): Prefix keyboard interactive prompts with "(user@host)" to > make it easier to determine which connection they are associated > with in cases like scp -3, ProxyJump, etc. bz#3224 > > * sshd(8): fix sshd_config SetEnv directives located inside Match > blocks. GHPR#201 > > * ssh(1): when requesting a FIDO token touch on stderr, inform the > user once the touch has been recorded. > > * ssh(1): prevent integer overflow when ridiculously large > ConnectTimeout values are specified, capping the effective value > (for most platforms) at 24 days. bz#3229 > > * ssh(1): consider the ECDSA key subtype when ordering host key > algorithms in the client, > > * ssh(1), sshd(8): rename the PubkeyAcceptedKeyTypes keyword to > PubkeyAcceptedAlgorithms. The previous name incorrectly suggested > that it control allowed key algorithms, when this option actually > specifies the signature algorithms that are accepted. The previous > name remains available as an alias. bz#3253 > > * ssh(1), sshd(8): similarly, rename HostbasedKeyTypes (ssh) and > HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms. > > * sftp-server(8): add missing lsetstat@xxxxxxxxxxx documentation > and advertisement in the server's SSH2_FXP_VERSION hello packet. > > * ssh(1), sshd(8): more strictly enforce KEX state-machine by > banning packet types once they are received. Fixes memleak caused > by duplicate SSH2_MSG_KEX_DH_GEX_REQUEST (oss-fuzz #30078). > > * sftp(1): allow the full range of UIDs/GIDs for chown/chgrp on 32bit > platforms instead of being limited by LONG_MAX. bz#3206 > > * Minor man page fixes (capitalization, commas, etc.) bz#3223 > > * sftp(1): when doing an sftp recursive upload or download of a > read-only directory, ensure that the directory is created with > write and execute permissions in the interim so that the transfer > can actually complete, then set the directory permission as the > final step. bz#3222 > > * ssh-keygen(1): document the -Z, check the validity of its argument > earlier and provide a better error message if it's not correct. > bz#2879 > > * ssh(1): ignore comments at the end of config lines in ssh_config, > similar to what we already do for sshd_config. bz#2320 > > * sshd_config(5): mention that DisableForwarding is valid in a > sshd_config Match block. bz3239 > > * sftp(1): fix incorrect sorting of "ls -ltr" under some > circumstances. bz3248. > > * ssh(1), sshd(8): fix potential integer truncation of (unlikely) > timeout values. bz#3250 > > * ssh(1): make hostbased authentication send the signature algorithm > in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type. > This make HostbasedAcceptedAlgorithms do what it is supposed to - > filter on signature algorithm and not key type. > > Portability > ----------- > > * sshd(8): add a number of platform-specific syscalls to the Linux > seccomp-bpf sandbox. bz#3232 bz#3260 > > * sshd(8): remove debug message from sigchld handler that could cause > deadlock on some platforms. bz#3259 > > * Sync contrib/ssh-copy-id with upstream. > > * unittests: add a hostname function for systems that don't have it. > Some systems don't have a hostname command (it's not required by > POSIX). The do have uname -n (which is), but not all of those have > it report the FQDN. > > OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de > Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, > Tim Rice and Ben Lindstrom. > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev -- Volker Diels-Grabsch ----<<<((()))>>>---- _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev