Re: Call for testing: openssh-9.8

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi all,

It compiles on OpenIndiana, GCC 13, with custom OpenSSL 3.2:

:; ssh -V
OpenSSH_9.7p1-snap20240618, OpenSSL 3.2.1 30 Jan 2024

Did not checked everything yet...
Thanks

On 2024-06-18 04:46, Damien Miller wrote:
Hi,

OpenSSH 9.8p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable

Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also appreciated.
Please send reports of success or failure to
openssh-unix-dev@xxxxxxxxxxx. Security bugs should be reported
directly to openssh@xxxxxxxxxxx.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

Future deprecation notice
=========================

OpenSSH plans to remove support for the DSA signature algorithm in
early 2025. This release disables DSA by default at compile time.

DSA, as specified in the SSHv2 protocol, is inherently weak - being
limited to a 160 bit private key and use of the SHA1 digest. Its
estimated security level is only 80 bits symmetric equivalent.

OpenSSH has disabled DSA keys by default since 2015 but has retained
run-time optional support for them. DSA was the only mandatory-to-
implement algorithm in the SSHv2 RFCs, mostly because alternative
algorithms were encumbered by patents when the SSHv2 protocol was
specified.

This has not been the case for decades at this point and better
algorithms are well supported by all actively-maintained SSH
implementations. We do not consider the costs of maintaining DSA
in OpenSSH to be justified and hope that removing it from OpenSSH
can accelerate its wider deprecation in supporting cryptography
libraries.

This release, and its deactivation of DSA by default at compile-time,
marks the second step in our timeline to finally deprecate DSA. The
final step of removing DSA support entirely is planned for the first
OpenSSH release of 2025.

Potentially-incompatible changes
--------------------------------

  * all: as mentioned above, the DSA signature algorithm is now
    disabled at compile time.

  * sshd(8): the server will now block client addresses that
    repeatedly fail authentication, repeatedly connect without ever
    completing authentication or that crash the server. See the
    discussion of PerSourcePenalties below for more information.
    Operators of servers that accept connections from many users, or
    servers that accept connections from addresses behind NAT or
    proxies may need to consider these settings.

  * sshd(8): the server has been split into a listener binary, sshd(8),
    and a per-session binary "sshd-session". This allows for a much
    smaller listener binary, as it no longer needs to support the SSH
    protocol. As part of this work, support for disabling privilege
    separation (which previously required code changes to disable) and
    disabling re-execution of sshd(8) has been removed. Further
    separation of sshd-session into additional, minimal binaries is
    planned for the future.

  * sshd(8): several log messages have changed. In particular, some
    log messages will be tagged with as originating from a process
    named "sshd-session" rather than "sshd".

  * ssh-keyscan(1): this tool previously emitted comment lines
    containing the hostname and SSH protocol banner to standard error.
    This release now emits them to standard output, but adds a new
    "-q" flag to silence them altogether.

  * sshd(8): (portable OpenSSH only) sshd will no longer use argv[0]
    as the PAM service name. A new "PAMServiceName" sshd_config(5)
    directive allows selecting the service name at runtime. This
    defaults to "sshd". bz2101

Changes since OpenSSH 9.7
=========================

This release contains mostly bugfixes.

New features
------------

  * sshd(8): add the ability to penalise client addresses that, for
    various reasons, do not successfully complete authentication.
    sshd(8) will now identify situations where the session did not
    authenticate as expected. These conditions include when the client
    repeatedly attempted authentication unsucessfully (possibly
    indicating an attack against one or more accounts, e.g. password
    guessing), or when client behaviour caused sshd to crash (possibly
    indicating attempts to exploit sshd).

    When such a condition is observed, sshd will record a penalty of
    some duration (e.g. 30 seconds) against the client's address. If
    this time is above a minimum configurable threshold, then all
    connections from the client address will be refused (along with any
    others in the same PerSourceNetBlockSize CIDR range).

    Repeated offenses by the same client address will accrue greater
    penalties, up to a configurable maximum. Address ranges may be
    exempted from penalties using the PerSourcePenaltyExemptList
    option.

    We hope these options will make it significantly more difficult for
    attackers to find accounts with weak/guessable passwords or exploit
    bugs in sshd(8) itself. This option is enabled by default.

  * ssh(8): allow the HostkeyAlgorithms directive to disable the
    implicit fallback from certificate host key to plain host keys.

Bugfixes
--------

  * misc: fix a number of inaccuracies in the PROTOCOL.*
    documentation. GHPR430 GHPR487

  * all: switch to strtonum(3) for more robust integer parsing in most
    places.

  * ssh(1), sshd(8): correctly restore sigprocmask around ppoll()

  * ssh-keysign(8): stricter validation of messaging socket fd GHPR492

  * sftp(1): flush stdout after writing "sftp>" prompt when not using
    editline. GHPR480

  * sftp-server(8): fix home-directory extension implementation, it
    previously always returned the current user's home directory
    contrary to the spec. GHPR477

  * ssh-keyscan(1): do not close stdin in any case to prevent error
    messages when stdin is read multiple times. E.g.
     echo localhost | ssh-keyscan -f - -f -

  * regression tests: fix rekey test that was testing the same KEX
    algorithm repeatedly instead of testing all of them. bz3692

  * ssh_config(5), sshd_config(5): clarify the KEXAlgorithms directive
    documentation, especially around what is supported vs available.
    bz3701.

Portability
-----------

  * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules
    unconditionally. The previous behaviour was to expose it only when
    particular authentication methods were in use.

  * build: fix OpenSSL ED25519 support detection. An incorrect function
    signature in configure.ac previously prevented enabling the recently
    added support for ED25519 private keys in PEM PKCS8 format.

  * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY
    environment variable to enable SSH_ASKPASS, similarly to the X11
    DISPLAY environment variable. GHPR479

  * build: improve detection of the -fzero-call-used-regs compiler
    flag. bz3673.

  * build: relax OpenSSL version check to accept all OpenSSL 3.x
    versions.

  * sshd(8): add support for notifying systemd on server listen and
    reload, using a standalone implementation that doesn't depend on
    libsystemd. bz2641

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

--
Predrag Zečević

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux