Contributed by
Dengue
on
from the New-fishy-fish dept.
Auguste Personage
writes :
"
markus@
announced
OpenSSH
3.0. This release contains portability fixes and interesting new features too numerous to mention. The announcement notes Smartcard support in the ssh client and agent, based on research at University of Michigan
CITI
."
SSH v2 is now the default protocol.
Usage of known_hosts2/authorized_keys2 is deprecated.
The
CheckMail
option is deprecated.
X11 cookies are now stored in $HOME.
For completeness, I have included
markus@
original message below:
Subject: OpenSSH 3.0
Date: Tue, 6 Nov 2001 22:48:41 +0100
From: Markus Friedl
To: openssh-unix-announce@mindrot.org,
openssh-unix-dev@mindrot.org
CC: lwn@lwn.net, announce@openbsd.org,
misc@openbsd.org, dengue@deadly.org
OpenSSH 3.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
This release contains many portability bug-fixes (listed in the
ChangeLog) as well as several new features (listed below).
We would like to thank the OpenSSH community for their continued
support and encouragement.
Important Changes:
==================
1) SSH protocol v2 is now the default protocol version
use the 'Protocol' option from ssh(1) and sshd(8) if
you need to change this.
2) The files
/etc/ssh_known_hosts2
~/.ssh/known_hosts2
~/.ssh/authorized_keys2
are now obsolete, you can use
/etc/ssh_known_hosts
~/.ssh/known_hosts
~/.ssh/authorized_keys
For backward compatibility ~/.ssh/authorized_keys2 will still used for
authentication and hostkeys are still read from the known_hosts2.
However, those deprecated files are considered 'readonly'. Future
releases are likely not to read these files.
3) The CheckMail option in sshd_config is deprecated, as sshd(8) no longer
checks for new mail.
4) X11 cookies are now stored in $HOME.
New Features:
=============
1) Smartcard support in the ssh client and agent based on work by
University of Michigan CITI (http://www.citi.umich.edu/projects/smartcard/).
2) support for Rekeying in protocol version 2
3) improved Kerberos support in protocol v1 (KerbIV and KerbV)
4) backward compatibility with older commercial SSH versions >= 2.0.10
5) getopt(3) is now used by all programs
6) dynamic forwarding (use ssh(1) as your socks server)
7) ClearAllForwardings in ssh(1)
8) ssh(1) now checks the hostkey for localhost (NoHostAuthenticationForLocalhost yes/no).
9) -F option in ssh(1)
10) ssh(1) now has a '-b bindaddress' option
11) scp(1) allows "scp /file localhost:/file"
12) The AuthorizedKeysFile option allows specification of alternative
files that contain the public keys that can be used for user authentication
(e.g. /etc/ssh_keys/%u, see sshd(8))
13) extended AllowUsers user@host syntax in sshd(8)
14) improved challenge-response support (especially for systems supporting BSD_AUTH)
15) sshd(8) can specify time args as 1h, 2h30s etc.
16) sshd(8) transmits the correct exit status for remote execution with protocol version 2.
17) ssh-keygen(1) can import private RSA/DSA keys generated with the commercial version
18) ssh-keyscan(1) supports protocol version 2
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.
(Comments are closed)
Comments
By
Cabal ()
on
I really liked it, every other form of login I've come across launches something similar on login. That's a shame.
By Cabal () on