Date: Thu, 22 Mar 2001 11:49:03 +0100
From: Markus Friedl Markus.Friedl@informatik.uni-erlangen.de
To: announce@openbsd.org
Subject: OpenSSH-2.5.2
OpenSSH 2.5.2 is now available from the mirror sites
listed at http://www.openssh.com/
Security related changes:
Improved countermeasure against "Passive Analysis of SSH
(Secure Shell) Traffic"
http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt
The countermeasures introduced in earlier OpenSSH-2.5.x versions
caused interoperability problems with some other implementations.
Improved countermeasure against "SSH protocol 1.5 session
key recovery vulnerability"
http://www.core-sdi.com/advisories/ssh1_sessionkey_recovery.htm
New options:
permitopen authorized_keys option to restrict portforwarding.
PreferredAuthentications allows client to specify the order in which
authentication methods are tried.
Sftp:
sftp client supports globbing (get *, put *).
Support for sftp protocol v3 (draft-ietf-secsh-filexfer-01.txt).
Batch file (-b) support for automated transfers
Performance:
Speedup DH exchange. OpenSSH should now be significantly faster when
connecting use SSH protocol 2.
Preferred SSH protocol 2 cipher is AES with hmac-md5. AES offers
much faster throughput in a well scrutinised cipher.
Bugfixes:
stderr handling fixes in SSH protocol 2.
Improved interoperability.
Client:
The client no longer asks for the the passphrase if the key
will not be accepted by the server (SSH2_MSG_USERAUTH_PK_OK)
Miscellaneous:
scp should now work for files > 2GB
ssh-keygen can now generate fingerprints in the "bubble babble"
format for exchanging fingerprints with SSH.COM's SSH protocol 2
implementation.
Preliminary patches for OpenBSD-2.6 are available on request.
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts