Linux Today: Linux News On Internet Time.





More on LinuxToday


OpenSSH 3.0 Released

Nov 07, 2001, 02:15 (5 Talkback[s])
(Other stories by Markus Friedl)

From the announcement by Markus Friedl:

 OpenSSH 3.0 has just been released. It will be available from the
 mirrors listed at http://www.openssh.com/ shortly.

 OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
 implementation and includes sftp client and server support.

 This release contains many portability bug-fixes (listed in the
 ChangeLog) as well as several new features (listed below).

 We would like to thank the OpenSSH community for their continued
 support and encouragement.

 Important Changes:
 ==================
1) SSH protocol v2 is now the default protocol version
   use the 'Protocol' option from ssh(1) and sshd(8) if
   you need to change this.

2) The files
 /etc/ssh_known_hosts2
 ~/.ssh/known_hosts2
 ~/.ssh/authorized_keys2
 are now obsolete, you can use
 /etc/ssh_known_hosts
 ~/.ssh/known_hosts
 ~/.ssh/authorized_keys
 For backward compatibility ~/.ssh/authorized_keys2 will still used for
 authentication and hostkeys are still read from the known_hosts2.
 However, those deprecated files are considered 'readonly'.  Future
 releases are likely not to read these files.

3) The CheckMail option in sshd_config is deprecated, as sshd(8) no longer
 checks for new mail.

4) X11 cookies are now stored in $HOME.

New Features:
 =============
 1) Smartcard support in the ssh client and agent based on work by
 University of Michigan CITI (http://www.citi.umich.edu/projects/smartcard/).
 2) support for Rekeying in protocol version 2
 3) improved Kerberos support in protocol v1 (KerbIV and KerbV)
 4) backward compatibility with older commercial SSH versions >= 2.0.10
 5) getopt(3) is now used by all programs
 6) dynamic forwarding (use ssh(1) as your socks server)
 7) ClearAllForwardings in ssh(1)
 8) ssh(1) now checks the hostkey for localhost (NoHostAuthenticationForLocalhost \
 yes/no). 
 9) -F option in ssh(1)
 10) ssh(1) now has a '-b bindaddress' option
 11) scp(1) allows "scp /file localhost:/file"
 12) The AuthorizedKeysFile option allows specification of alternative
 files that contain the public keys that can be used for user authentication
 (e.g. /etc/ssh_keys/%u, see sshd(8))
 13) extended AllowUsers user@host syntax in sshd(8)
 14) improved challenge-response support (especially for systems supporting \
 BSD_AUTH) 
 15) sshd(8) can specify time args as 1h, 2h30s etc.
 16) sshd(8) transmits the correct exit status for remote execution with protocol \
 version 2. 
 17) ssh-keygen(1) can import private RSA/DSA keys generated with the commercial \
 version 
 18) ssh-keyscan(1) supports protocol version 2

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
 Kevin Steves, Damien Miller and Ben Lindstrom.