Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 60758 - openssh 3.9 (version bump)
Summary: openssh 3.9 (version bump)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All All
: High enhancement (vote)
Assignee: Daniel Ahlberg (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-08-18 04:07 UTC by Tobias Sager
Modified: 2004-08-18 14:58 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Sager 2004-08-18 04:07:47 UTC 
<snip>
Changes since OpenSSH 3.8:
============================ 

* Added new "IdentitiesOnly" option to ssh(1), which specifies that it should
  use keys specified in ssh_config, rather than any keys in ssh-agent(1)

* Make sshd(8) re-execute itself on accepting a new connection. This security
  measure ensures that all execute-time randomisations are reapplied for each 
  connection rather than once, for the master process' lifetime. This includes
  mmap and malloc mappings, shared library addressing, shared library mapping 
  order, ProPolice and StackGhost cookies on systems that support such things

* Add strict permission and ownership checks to programs reading ~/.ssh/config
  NB ssh(1) will now exit instead of trying to process a config with poor 
  ownership or permissions

* Implemented the ability to pass selected environment variables between the
  client and the server. See "AcceptEnv" in sshd_config(5) and "SendEnv" in 
  ssh_config(5) for details
 
* Added a "MaxAuthTries" option to sshd(8), allowing control over the maximum
  number of authentication attempts permitted per connection

* Added support for cancellation of active remote port forwarding sessions. 
  This may be performed using the ~C escape character, see "Escape Characters"
  in ssh(1) for details
 
* Many sftp(1) interface improvements, including greatly enhanced "ls" support 
  and the ability to cancel active transfers using SIGINT (^C)

* Implement session multiplexing: a single ssh(1) connection can now carry 
  multiple login/command/file transfer sessions. Refer to the "ControlMaster" 
  and "ControlPath" options in ssh_config(5) for more information

* The sftp-server has improved support for non-POSIX filesystems (e.g. FAT)

* Portable OpenSSH: Re-introduce support for PAM password authentication, in 
  addition to the keyboard-interactive driver. PAM password authentication 
  is less flexible, and doesn't support pre-authentication password expiry but
  runs in-process so Kerberos tokens, etc are retained

* Improved and more extensive regression tests

* Many bugfixes and small improvements

Checksums:
==========

- MD5 (openssh-3.9.tgz) = 93f48bfcc1560895ae53de6bfc41689b
- MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e
</snip>
Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2004-08-18 14:58:18 UTC 
In CVS, thanks!