Hi, OpenSSH 8.7p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release has a mix of bugfixes and new features. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at http://www.openssh.com/portable.html#cvs At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github: https://github.com/openssh/openssh-portable Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: $ ./configure && make tests Live testing on suitable non-production systems is also appreciated. Please send reports of success or failure to openssh-unix-dev@xxxxxxxxxxx. Security bugs should be reported directly to openssh@xxxxxxxxxxx. Below is a summary of changes. More detail may be found in the ChangeLog in the portable OpenSSH tarballs. Thanks to the many people who contributed to this release. Potentially-incompatible changes ================================ This release includes a number of changes that may affect existing configurations: * scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. This was previously available via the -3 flag. This mode avoids the need to expose credentials on the origin hop, avoids triplicate interpretation of filenames by the shell (by the local system, the copy origin and the destination) and, in conjunction with the SFTP support for scp(1) mentioned below, allows use of all authentication methods to the remote hosts (previously, only non-interactive methods could be used). A -R flag has been added to select the old behaviour. * ssh(1)/sshd(8): both the client and server are now using a more strict configuration file parser. The new parser uses more shell-like rules for quotes, space and escape characters. It is also more strict in rejecting configurations that include options lacking arguments. Previously some options (e.g. DenyUsers) to appear on a line with no subsequent arguments. This release will reject such configurations. The new parser will also reject configurations with unterminated quotes and multiple '=' characters after the option name. * ssh(1): when using SSHFP DNS records for host key verification, ssh(1) will verify all matching records instead of just those with the specific signature type requested. This may cause host key verification problems if stale SSHFP records of a different or legacy signature type exist alongside other records for a particular host. bz#3322 * ssh-keygen(1): when generating a FIDO key and specifying an explicit attestation challenge (using -Ochallenge), the challenge will now be hashed by the builtin security key middleware. This removes the (undocumented) requirement that challenges be exactly 32 bytes in length and matches the expectations of libfido2. * sshd(8): environment="..." directives in authorized_keys files are now first-match-wins and limited to 1024 discrete environment variable names. Changes since OpenSSH 8.6 ========================= This release contains a mix of new features and bug-fixes. New features ------------ - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. SFTP offers more predictable filename handling and does not require expansion of glob(3) patterns via the shell on the remote side. SFTP support may be enabled via a temporary scp -s flag. It is intended for SFTP to become the default transfer mode in the near future, at which time the -s flag will be removed. The -O flag exists to force use of the original SCP/RCP protocol for cases where SFTP may be unavailable or incompatible. - sftp-server(8): add a protocol extension to support expansion of ~/ and ~user/ prefixed paths. This was added to support these paths when used by scp(1) while in SFTP mode. - ssh(1): add a ForkAfterAuthentication ssh_config(5) counterpart to the ssh(1) -f flag. GHPR#231 - ssh(1): add a StdinNull directive to ssh_config(5) that allows the config file to do the same thing as -n does on the ssh(1) command- line. GHPR#231 - ssh(1): add a SessionType directive to ssh_config, allowing the configuration file to offer equivalent control to the -N (no session) and -s (subsystem) command-line flags. GHPR#231 - ssh-keygen(1): let allowed signers files used by ssh-keygen(1) signatures support key lifetimes, and allow the verification mode to specify a signature time to check at. This is intended for use by git to support signing objects using ssh keys. - ssh-keygen(8): support printing of the full public key in a sshsig signature via a -Oprint-pubkey flag. Bugfixes -------- * ssh(1)/sshd(8): start time-based re-keying exactly on schedule in the client and server mainloops. Previously the re-key timeout could expire but re-keying would not start until a packet was sent or received, causing a spin in select() if the connection was quiescent. * ssh-keygen(1): avoid Y2038 problem in printing certificate validity lifetimes. Dates past 2^31-1 seconds since epoch were displayed incorrectly on some platforms. bz#3329 * scp(1): allow spaces to appear in usernames for local to remote and scp -3 remote to remote copies. bz#1164 * ssh(1)/sshd(8): remove references to ChallengeResponseAuthentication in favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but not entirely equivalent. We retain the old name as a deprecated alias so configuration files continue to work as well as a reference in the man page for people looking for it. bz#3303 * ssh(1)/ssh-add(1)/ssh-keygen(1): fix decoding of X.509 subject name when extracting a key from a PKCS#11 certificate. bz#3327 * ssh(1): restore blocking status on stdio fds before close. ssh(1) needs file descriptors in non-blocking mode to operate but it was not restoring the original state on exit. This could cause problems with fds shared with other programs via the shell, bz#3280 and GHPR#246 * ssh(1)/sshd(8): switch both client and server mainloops from select(3) to pselect(3). Avoids race conditions where a signal may arrive immediately before select(3) and not be processed until an event fires. bz#2158 * ssh(1): sessions started with ControlPersist were incorrectly executing a shell when the -N (no shell) option was specified. bz#3290 * ssh(1): check if IPQoS or TunnelDevice are already set before overriding. Prevents values in config files from overriding values supplied on the command line. bz#3319 * ssh(1): fix debug message when finding a private key to match a certificate being attempted for user authentication. Previously it would print the certificate's path, whereas it was supposed to be showing the private key's path. GHPR#247 * sshd(8): match host certificates against host public keys, not private keys. Allows use of certificates with private keys held in a ssh-agent. bz#3524 * ssh(1): add a workaround for a bug in OpenSSH 7.4 sshd(8), which allows RSA/SHA2 signatures for public key authentication but fails to advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these server to incorrectly match PubkeyAcceptedAlgorithmse and potentially refuse to offer valid keys. bz#3213 * sftp(1)/scp(1): degrade gracefully if a sftp-server offers the limits@xxxxxxxxxxx extension but fails when the client tries to invoke it. bz#3318 * ssh(1): allow ssh_config SetEnv to override $TERM, which is otherwise handled specially by the protocol. Useful in ~/.ssh/config to set TERM to something generic (e.g. "xterm" instead of "xterm-256color") for destinations that lack terminfo entries. * sftp-server(8): the limits@xxxxxxxxxxx extension was incorrectly marked as an operation that writes to the filesystem, which made it unavailable in sftp-server read-only mode. bz#3318 * ssh(1): fix SEGV in UpdateHostkeys debug() message, triggered when the update removed more host keys than remain present. * many manual page fixes. Portability ----------- * ssh(1): move closefrom() to before first malloc. When built against tcmalloc, the closefrom() would stomp on file descriptors created for tcmalloc's internal use. bz#3321 * sshd(8): handle GIDs > 2^31 in getgrouplist. When compiled in 32bit mode, the getgrouplist implementation may fail for GIDs greater than LONG_MAX. * ssh(1): xstrdup environment variable used by ForwardAgent. bz#3328 * sshd(8): don't sigdie() in signal handler in privsep child process; this can end up causing sandbox violations per bz3286 OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and Ben Lindstrom. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
