Bugtraq mailing list archives
OpenSSH-2.5.2 (fwd)
From: Jonas Eriksson <je () SEKURE NET>
Date: Thu, 22 Mar 2001 16:49:00 +0100
---------- Forwarded message ---------- Date: Thu, 22 Mar 2001 11:49:03 +0100 From: Markus Friedl <Markus.Friedl () informatik uni-erlangen de> To: announce () openbsd org Subject: OpenSSH-2.5.2 OpenSSH 2.5.2 is now available from the mirror sites listed at http://www.openssh.com/ Security related changes: Improved countermeasure against "Passive Analysis of SSH (Secure Shell) Traffic" http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt The countermeasures introduced in earlier OpenSSH-2.5.x versions caused interoperability problems with some other implementations. Improved countermeasure against "SSH protocol 1.5 session key recovery vulnerability" http://www.core-sdi.com/advisories/ssh1_sessionkey_recovery.htm New options: permitopen authorized_keys option to restrict portforwarding. PreferredAuthentications allows client to specify the order in which authentication methods are tried. Sftp: sftp client supports globbing (get *, put *). Support for sftp protocol v3 (draft-ietf-secsh-filexfer-01.txt). Batch file (-b) support for automated transfers Performance: Speedup DH exchange. OpenSSH should now be significantly faster when connecting use SSH protocol 2. Preferred SSH protocol 2 cipher is AES with hmac-md5. AES offers much faster throughput in a well scrutinised cipher. Bugfixes: stderr handling fixes in SSH protocol 2. Improved interoperability. Client: The client no longer asks for the the passphrase if the key will not be accepted by the server (SSH2_MSG_USERAUTH_PK_OK) Miscellaneous: scp should now work for files > 2GB ssh-keygen can now generate fingerprints in the "bubble babble" format for exchanging fingerprints with SSH.COM's SSH protocol 2 implementation. Preliminary patches for OpenBSD-2.6 are available on request. -m
Current thread:
- OpenSSH-2.5.2 (fwd) Jonas Eriksson (Mar 22)