OpenSSH 4.7: call for testing.
This is a discussion on OpenSSH 4.7: call for testing. within the OpenSSH Development forums, part of the Networking and Network Related category; Hi All. OpenSSH 4.7 is preparing for release so we are asking for any interested folks to please test ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-15-2007
|
|||
|
|||
OpenSSH 4.7: call for testing.
Hi All.
OpenSSH 4.7 is preparing for release so we are asking for any interested folks to please test a snapshot. The main changes are: * sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. * The SSH channel window size has been increased, which improves performance on high-BDP networks. * ssh(1) and sshd(8) now preserve MAC contexts between packets, which saves 2 hash calls per packet and results in 12-16% speedup for arcfour256/hmac-md5. * A new MAC algorithm has been added, UMAC-64 (RFC4418) which is approximately 20% faster than HMAC-MD5. * A -K flag was added to ssh(1) to set GSSAPIAuthentication=Yes #616: proxycommand breaks hostbased authentication. #856: scp hangs on FIFOs rather than erroring #891: possible problem with non-printing characters during scp copy #1196: SIGINT is ignored by SSHD in case of privilegeseparation yes #1220: Fix error messages for multiple mechanism GSSAPI libraries #1224: ssh-add man page does not fully describe -d #1225: Tidy up GSSAPI code #1232: "LocalCommand" is executed before session is set up #1236: SCP inappropriate truncate error when copying to FIFO file #1261: Timed out command through ControlMaster yields 0 return value. #1286: SFTP keeps reading input until it runs out of buffer space #1243: Multiple including of paths.h on AIX 5.1 systems. #1262: ssh disconnect message from master control is confusing #1287: Use getpeerucred on Solaris #1294: includes.h should pull in string.h based on HAVE_STRING_H #1299: Remove redefinition of _res in getrrsetbyname.c #1306: Spurious : "chan_read_failed for istate 3" errors from sshd #1325: SELinux support broken when SELinux is in permissive mode #1339: pam_dhkeys doesn't work #1343: Privilege separation does not work on QNX There is also #1322 (pam_abl) which has not been applied, but I'm not sure about that one (so if you use PAM, please try the latest patch from that bug, even if you don't use pam_abl or equivalent). Thanks to all who contributed. More detail may be found in the ChangeLog in the portable OpenSSH tarballs. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable snapshots are available at: http://www.mindrot.org/openssh_snap/ Running the regression tests supplied with Portable does not require installation and is a simply: $ ./configure && make tests Testing on suitable non-production systems is also appreciated. Please send reports of success or failure to openssh-unix-dev@mindrot.org. Thanks. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
