#
a91a2465 |
|
18-Mar-2024 |
Ed Maste <emaste@FreeBSD.org> |
ssh: Update to OpenSSH 9.7p1 This release contains mostly bugfixes. It also makes support for the DSA signature algorithm a compile-time option, with plans to disable it upstream later this year and remove support entirely in 2025. Full release notes at https://www.openssh.com/txt/release-9.7 Relnotes: Yes Sponsored by: The FreeBSD Foundation
|
#
e9e8876a |
|
19-Dec-2021 |
Ed Maste <emaste@FreeBSD.org> |
ssh: update to OpenSSH v8.8p1 OpenSSH v8.8p1 was motivated primarily by a security update and deprecation of RSA/SHA1 signatures. It also has a few minor bug fixes. The security update was already applied to FreeBSD as an independent change, and the RSA/SHA1 deprecation is excluded from this commit but will immediately follow. MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation
|
#
19261079 |
|
07-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1 Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
|
#
47dd1d1b |
|
11-May-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.7p1.
|
#
ca86bcf2 |
|
05-Mar-2017 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.4p1.
|
#
ce3adf43 |
|
21-Sep-2013 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Pull in all the OpenSSH bits that we'd previously left out because we didn't use them. This will make future merges from the vendor tree much easier. Approved by: re (gjb)
|
#
e9e8876a |
|
19-Dec-2021 |
Ed Maste <emaste@FreeBSD.org> |
ssh: update to OpenSSH v8.8p1 OpenSSH v8.8p1 was motivated primarily by a security update and deprecation of RSA/SHA1 signatures. It also has a few minor bug fixes. The security update was already applied to FreeBSD as an independent change, and the RSA/SHA1 deprecation is excluded from this commit but will immediately follow. MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation
|
#
19261079 |
|
07-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1 Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
|
#
47dd1d1b |
|
11-May-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.7p1.
|
#
ca86bcf2 |
|
05-Mar-2017 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.4p1.
|
#
ce3adf43 |
|
21-Sep-2013 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Pull in all the OpenSSH bits that we'd previously left out because we didn't use them. This will make future merges from the vendor tree much easier. Approved by: re (gjb)
|
#
19261079 |
|
07-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1 Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
|
#
47dd1d1b |
|
11-May-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.7p1.
|
#
ca86bcf2 |
|
05-Mar-2017 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.4p1.
|
#
ce3adf43 |
|
21-Sep-2013 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Pull in all the OpenSSH bits that we'd previously left out because we didn't use them. This will make future merges from the vendor tree much easier. Approved by: re (gjb)
|