This is a Wikipedia user page.
This is not an encyclopedia article or the talk page for an encyclopedia article. If you find this page on any site other than Wikipedia, you are viewing a mirror site. Be aware that the page may be outdated and that the user in whose space this page is located may have no personal affiliation with any site other than Wikipedia. The original page is located at https://en.wikipedia.org/wiki/User:Tech201805/Openssh_versions.

https://en.wikipedia.org/w/index.php?title=OpenSSH&oldid=685810904 by User:Qwertyus as WP:INDISCRIMINATE

OpenSSH Versions[edit]

OpenSSH 8.0^[1], released in April 2019
- SECURITY: CVE-2019-6111 related to scp tool and protocol
OpenSSH 7.9^[2], released in October 2018
OpenSSH 7.8^[3], released in August 2018
- Incompatible changes: ssh-keygen write OpenSSH format private keys by default instead of using OpenSSL's PEM format.
OpenSSH 7.7^[4], released in February 2018
- FEATURE: Add "expiry-time" option in sshd for authorized_keys files to allow for expiring keys.
OpenSSH 7.6^[5], released in October 2017
- FEATURE: Add RemoteCommand option
- FEATURE: Add SyslogFacility option to ssh matching the equivalent option in sshd
OpenSSH 7.5^[6], released in March 2017
- BUGFIX: This is a mainly a bugfix release.
OpenSSH 7.4^[7], released December 19, 2016; 7 years ago (2016-12-19)
- sshd(8): Add a sshd_config DisableForwarding option
OpenSSH 7.3^[8], released August 1, 2016; 7 years ago (2016-08-01)
- FEATURE: Adds ProxyJump option (-J)
- FEATURE: Add an Include directive for ssh_config(5) files
OpenSSH 7.1: August 20, 2015^[9]
- This is a bugfix release.
OpenSSH 7.0: August 11, 2015^[10]
- The focus of this release is primarily to deprecate weak, legacy and unsafe cryptography.
OpenSSH 6.9: July 1, 2015^[11]
- BUGFIX: This is primarily a bugfix release.
OpenSSH 6.8: March 18, 2015
- Added new hostkeys@openssh.com extension to facilitate public key discovery and rotation for trusted hosts (for transition from DSA to Ed25519 public host keys)^[12]
OpenSSH 6.7: October 6, 2014
- The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default.
- Compile-time option to not depend on OpenSSL^[13]
- Add support for Unix domain socket forwarding
OpenSSH 6.6: March 16, 2014
- This is primarily a bugfix release.
OpenSSH 6.5: January 30, 2014
- Added new ssh-ed25519 and ssh-ed25519-cert-v01@openssh.com public key types
- Added new chacha20-poly1305@openssh.com transport cipher^[14]^[15]
- Added curve25519-sha256@libssh.org key exchange
- FEATURE: ssh, added Match keyword for ssh_config that allows conditional configuration to be applied ^[16]
- Add a new private key format that uses a bcrypt KDF
OpenSSH 6.4: November 8, 2013 ^[17]
- This release fixes a security bug with AES-GCM
OpenSSH 6.3: September 13, 2013
- This release is predominantly a bugfix release
OpenSSH 6.2: March 22, 2013
- Add a GCM-mode for the AES cipher, similar to rfc:5647
- Added support for encrypt-then-mac MAC modes
- Added support for multiple required authentication methods
- Added support for Key Revocation Lists (KRL)
OpenSSH 6.1: August 29, 2012
- This is primarily a bugfix release.
- Enables pre-auth sandboxing by default
- Finds ECDSA keys in ssh-keyscan and SSHFP DNS records by default now
OpenSSH 6.0: April 22, 2012
- This is primarily a bugfix release.
OpenSSH 5.9: September 6, 2011
- Introduce sandboxing of the pre-auth privilege separated child
OpenSSH 5.8: February 4, 2011
OpenSSH 5.7: January 24, 2011
- Added support for elliptic curve cryptography for key exchange as well as host/user keys, per rfc:5656
OpenSSH 5.6: August 23, 2010
OpenSSH 5.5: April 16, 2010
OpenSSH 5.4: March 8, 2010
- Disabled SSH protocol 1 default support. Clients and servers must now explicitly enable it.
- Added PKCS11 authentication support for ssh(1) (-I pkcs11)
- Added Certificate based authentication
- Added "Netcat mode" for ssh(1) (-W host:port). Similar to "-L tunnel", but forwards instead stdin and stdout. This allows, for example, using ssh(1) itself as a ssh(1) ProxyCommand to route connections via intermediate servers, without the need for nc(1) on the server machine.
- Added the ability to revoke public keys in sshd(8) and ssh(1). While it was already possible to remove the keys from authorised lists, revoked keys will now trigger a warning if used.
OpenSSH 5.3: October 1, 2009
OpenSSH 5.2: February 23, 2009
OpenSSH 5.1: July 21, 2008
OpenSSH 5.0: April 3, 2008
OpenSSH 4.9: March 30, 2008
- Added chroot support for sshd(8)
- Create an internal SFTP server for easier use of the chroot functionality
OpenSSH 4.7: September 4, 2007
OpenSSH 4.6: March 9, 2007
OpenSSH 4.5: November 7, 2006
OpenSSH 4.4: September 27, 2006
OpenSSH 4.3: February 1, 2006
- Added OSI layer 2/3 tun-based VPN (-w option on ssh(1))
OpenSSH 4.2: September 1, 2005
OpenSSH 4.1: May 26, 2005
OpenSSH 4.0: March 9, 2005
OpenSSH 3.9: August 17, 2004
OpenSSH 3.8: February 24, 2004
- Implement session multiplexing. ControlMaster option
OpenSSH 3.7.1: September 16, 2003
OpenSSH 3.7: September 16, 2003
OpenSSH 3.6.1: April 1, 2003
OpenSSH 3.6: March 31, 2003
OpenSSH 3.5: October 14, 2002
OpenSSH 3.4: June 26, 2002

^ http://www.openssh.com/txt/release-8.0
^ <http://www.openssh.com/txt/release-7.9
^ http://www.openssh.com/txt/release-7.8
^ http://www.openssh.com/txt/release-7.7
^ http://www.openssh.com/txt/release-7.6
^ http://www.openssh.com/txt/release-7.5
^ http://www.openssh.com/txt/release-7.4
^ http://www.openssh.com/txt/release-7.3
^ "OpenSSH 7.1 Release Notes". openssh.com. 2015-08-20. Retrieved 2015-09-01.
^ "OpenSSH 7.0 Release Notes". openssh.com. 2015-08-11. Retrieved 2015-08-18.
^ "OpenSSH 6.9 Release Notes". openssh.com. 2015-07-01. Retrieved 2015-08-12.
^ Murenin, Constantine A. (2015-02-01). Soulskill (ed.). "OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519". Slashdot. Retrieved 2015-02-01.
^ Murenin, Constantine A. (2014-04-30). Soulskill (ed.). "OpenSSH No Longer Has To Depend On OpenSSL". Slashdot. Retrieved 2014-12-26.
^ Miller, Damien (2013-12-02). "ssh/PROTOCOL.chacha20poly1305". BSD Cross Reference, OpenBSD src/usr.bin/. Retrieved 2014-12-26.
^ Murenin, Constantine A. (2013-12-11). Unknown Lamer (ed.). "OpenSSH Has a New Cipher — Chacha20-poly1305 — from D.J. Bernstein". Slashdot. Retrieved 2014-12-26.
^ https://www.openssh.com/txt/release-6.5
^ https://www.openssh.com/txt/release-6.4

[1] ttp://www.openssh.com/txt/release-8.0

[2] <http://www.openssh.com/txt/release-7.9

[3] ttp://www.openssh.com/txt/release-7.8

[4] ttp://www.openssh.com/txt/release-7.7

[5] ttp://www.openssh.com/txt/release-7.6

[6] ttp://www.openssh.com/txt/release-7.5

[7] ttp://www.openssh.com/txt/release-7.4

[8] ttp://www.openssh.com/txt/release-7.3

[7.1-released-9] "OpenSSH 7.1 Release Notes". openssh.com. 2015-08-20. Retrieved 2015-09-01.

[10] "OpenSSH 7.0 Release Notes". openssh.com. 2015-08-11. Retrieved 2015-08-18.

[11] "OpenSSH 6.9 Release Notes". openssh.com. 2015-07-01. Retrieved 2015-08-12.

[12] Murenin, Constantine A. (2015-02-01). Soulskill (ed.). "OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519". Slashdot. Retrieved 2015-02-01.

[13] Murenin, Constantine A. (2014-04-30). Soulskill (ed.). "OpenSSH No Longer Has To Depend On OpenSSL". Slashdot. Retrieved 2014-12-26.

[14] Miller, Damien (2013-12-02). "ssh/PROTOCOL.chacha20poly1305". BSD Cross Reference, OpenBSD src/usr.bin/. Retrieved 2014-12-26.

[15] Murenin, Constantine A. (2013-12-11). Unknown Lamer (ed.). "OpenSSH Has a New Cipher — Chacha20-poly1305 — from D.J. Bernstein". Slashdot. Retrieved 2014-12-26.

[16] ttps://www.openssh.com/txt/release-6.5

[17] ttps://www.openssh.com/txt/release-6.4

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]