Displaying 20 results from an estimated 4000 matches similar to: "Announce: OpenSSH 9.6 released"
2023 Dec 18
1
Announce: OpenSSH 9.6 released
OpenSSH 9.6 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2024 Jan 23
1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)
Hi,
I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise
Linux release 8.7 (Ootpa). The details are as follows.
# rpm -qa | grep openssh
openssh-8.0p1-16.el8.x86_64
openssh-askpass-8.0p1-16.el8.x86_64
openssh-server-8.0p1-16.el8.x86_64
openssh-clients-8.0p1-16.el8.x86_64
# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)
#
SSH Terrapin Prefix Truncation
2024 Jan 23
1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)
You might find RedHat's CVE page on this useful:
https://access.redhat.com/security/cve/cve-2023-48795
On Tue, Jan 23, 2024 at 10:04?AM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:
> Hi,
>
> I have the SSH Terrapin Prefix Truncation Weakness on Red Hat Enterprise
> Linux release 8.7 (Ootpa). The details are as follows.
>
> # rpm -qa | grep openssh
>
2024 Apr 22
0
OpenSSH 9.6 client is stuck
I am trying to run ssh to a server continuously and quickly. Out of
about 10-12 times of good run or result, once the client gets stuck.
It does not connect. This we are observing after upgrading both the
server and client to OpenSSL 9.6p1.
We are running this cmd on the client side:
ssh -vvv -p 1022 -o UserKnownHostsFile=/dev/null -o
GSSAPIAuthentication=no -o StrictHostKeyChecking=no -o
2005 Jun 09
3
[Bug 1054] Nmap Causing SSH Session to Prematurely End
http://bugzilla.mindrot.org/show_bug.cgi?id=1054
Summary: Nmap Causing SSH Session to Prematurely End
Product: Portable OpenSSH
Version: 3.8.1p1
Platform: All
OS/Version: Mac OS X
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
Hi there,
> So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the
> messages together, so it will be resistant against terrapin even without the strict-kex.
>
> Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
> also include the transcript hash or similar things.
This would still require both, client and
2010 Aug 23
0
Announce: OpenSSH 5.6 released
OpenSSH 5.6 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,
2024 Jan 27
2
enable strong KexAlgorithms, Ciphers and MACs in /etc/ssh/sshd_config file on RHEL 8.x Linux OS
On Fri, Jan 26, 2024 at 7:24?PM Jochen Bern <Jochen.Bern at binect.de> wrote:
> On 25.01.24 14:09, Kaushal Shriyan wrote:
> > I am running the below servers on Red Hat Enterprise Linux release 8.7
> > How do I enable strong KexAlgorithms, Ciphers and MACs
>
> On RHEL 8, you need to be aware that there are "crypto policies"
> modifying sshd's behaviour,
2018 Jan 05
11
[Bug 2817] New: Add support for PKCS#11 URIs (RFC 7512)
https://bugzilla.mindrot.org/show_bug.cgi?id=2817
Bug ID: 2817
Summary: Add support for PKCS#11 URIs (RFC 7512)
Product: Portable OpenSSH
Version: 7.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Smartcard
Assignee: unassigned-bugs at
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
Hello,
in addition to my last thread about a new config option to make strict-kex mandatory,
I also wonder if a new mechanism for ciphers/macs can be introduced and is reliable
by simple both sides using it.
So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the
messages together, so it will be resistant against terrapin even without the strict-kex.
Consequently
2023 Dec 20
0
Feature Request: new "Require Strict-KEX" c/s option
Hello,
since one currently (after the 9.6 release addressing terrapin with
strict-kex) cant be sure that strict KEX mode is negotiated (it depends
on the capabilities of the partner), and the mitigation for that is to
disable most modern/alternative ciphers and MAC modes -
I would suggest you offer the option to enforce strict-kex mode as a server
config as well as a per-host config in the
2023 Aug 10
1
Announce: OpenSSH 9.4 released
OpenSSH 9.4 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2023 Aug 09
1
Call for testing: OpenSSH 9.4
Compiled on OpenIndiana using GCC 11
:; SunOS 5.11 illumos-2e79e00041 illumos
Although snapshot was downloaded, it shows 9.3 version:
:; ssh -V
OpenSSH_9.3p1-snap20230809, OpenSSL 1.1.1v? 1 Aug 2023
Thanks and regards.
On 31.07.2023 08:12, Damien Miller wrote:
> Hi,
>
> OpenSSH 9.4 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as
2010 Aug 23
3
Announce: OpenSSH 5.6 released
OpenSSH 5.6 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches,
2021 Jul 25
6
[Bug 3331] New: Issues with man pages
https://bugzilla.mindrot.org/show_bug.cgi?id=3331
Bug ID: 3331
Summary: Issues with man pages
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: All
Status: NEW
Severity: minor
Priority: P5
Component: Documentation
Assignee: unassigned-bugs at mindrot.org
2019 Apr 18
0
Announce: OpenSSH 8.0 released
OpenSSH 8.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested
2015 Sep 23
0
[Bug 1773] PKCS#11 authentication fails with "xmalloc: zero size" for some certificates.
https://bugzilla.mindrot.org/show_bug.cgi?id=1773
--- Comment #6 from Sergey Ivanov <evasive.gyron at gmail.com> ---
Error is exactly as described by original author.
ssh -A -I /usr/lib/libeToken.so -p example.net -vvv
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to example.com
2014 Jan 30
0
Announce: OpenSSH 6.5 released
Changes since OpenSSH 6.4
=========================
This is a feature-focused release.
New features:
* ssh(1), sshd(8): Add support for key exchange using elliptic-curve
Diffie Hellman in Daniel Bernstein's Curve25519. This key exchange
method is the default when both the client and server support it.
* ssh(1), sshd(8): Add support for Ed25519 as a public key type.
Ed25519 is a
2023 Nov 19
2
[Bug 3635] New: ssh-add -s always asks for PKCS#11 PIN
https://bugzilla.mindrot.org/show_bug.cgi?id=3635
Bug ID: 3635
Summary: ssh-add -s always asks for PKCS#11 PIN
Product: Portable OpenSSH
Version: 9.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-add
Assignee: unassigned-bugs at
2023 Jul 31
5
Call for testing: OpenSSH 9.4
Hi,
OpenSSH 9.4 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable OpenSSH is also available via git using the
instructions at