Revision tags: release/14.0.0 |
|
#
535af610 |
| 11-Aug-2023 |
Ed Maste <emaste@FreeBSD.org> |
ssh: Update to OpenSSH 9.4p1
Excerpts from the release notes:
* ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system
ssh: Update to OpenSSH 9.4p1
Excerpts from the release notes:
* ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories.
* ssh(1): allow forwarding Unix Domain sockets via ssh -W.
* ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name.
* ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location.
* ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider.
* ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it.
* ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was expicitly set to "none". bz3567
Full release notes at https://www.openssh.com/txt/release-9.4
Relnotes: Yes Sponsored by: The FreeBSD Foundation
show more ...
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0 |
|
#
19261079 |
| 08-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new ho
openssh: update to OpenSSH v8.7p1
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used.
Additional integration work is needed to support FIDO/U2F in the base system.
Deprecation Notice ------------------
OpenSSH will disable the ssh-rsa signature scheme by default in the next release.
Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
show more ...
|
Revision tags: release/13.0.0, release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0, release/12.0.0, release/11.2.0 |
|
#
4f52dfbb |
| 09-May-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.6p1. This will be followed shortly by 7.7p1.
This completely removes client-side support for the SSH 1 protocol, which was already disabled in 12 but is still enabled in 11. F
Upgrade to OpenSSH 7.6p1. This will be followed shortly by 7.7p1.
This completely removes client-side support for the SSH 1 protocol, which was already disabled in 12 but is still enabled in 11. For that reason, we will not be able to merge 7.6p1 or newer back to 11.
show more ...
|
Revision tags: release/10.4.0, release/11.1.0 |
|
#
076ad2f8 |
| 02-Mar-2017 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.3p1.
|
Revision tags: release/11.0.1, release/11.0.0, release/10.3.0 |
|
#
53835448 |
| 14-Mar-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
#
acc1a9ef |
| 11-Mar-2016 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.2p2.
|
Revision tags: release/10.2.0, release/10.1.0, release/9.3.0, release/10.0.0 |
|
#
064bee34 |
| 30-Oct-2013 |
Peter Grehan <grehan@FreeBSD.org> |
MFC @ r256071
This is just prior to the bhyve_npt_pmap import so will allow just the change to be merged for easier debug.
|
#
0bfd163f |
| 18-Oct-2013 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge head r233826 through r256722.
|
#
3caf0790 |
| 13-Oct-2013 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge head@256284
|
#
1ccca3b5 |
| 10-Oct-2013 |
Alan Somers <asomers@FreeBSD.org> |
IFC @256277
Approved by: ken (mentor)
|
#
27650413 |
| 02-Oct-2013 |
Mark Murray <markm@FreeBSD.org> |
MFC - tracking update.
|
Revision tags: release/9.2.0 |
|
#
ce3adf43 |
| 22-Sep-2013 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Pull in all the OpenSSH bits that we'd previously left out because we didn't use them. This will make future merges from the vendor tree much easier.
Approved by: re (gjb)
|
Revision tags: release/8.4.0, release/9.1.0, release/8.3.0_cvs, release/8.3.0, release/9.0.0, release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0, release/8.1.0_cvs, release/8.1.0, release/7.3.0_cvs, release/7.3.0, release/8.0.0_cvs, release/8.0.0, release/7.2.0_cvs, release/7.2.0, release/7.1.0_cvs, release/7.1.0, release/6.4.0_cvs, release/6.4.0, release/7.0.0_cvs, release/7.0.0, release/6.3.0_cvs, release/6.3.0, release/6.2.0_cvs, release/6.2.0, release/5.5.0_cvs, release/5.5.0, release/6.1.0_cvs, release/6.1.0, release/6.0.0_cvs, release/6.0.0, release/5.4.0_cvs, release/5.4.0, release/4.11.0_cvs, release/4.11.0, release/5.3.0_cvs, release/5.3.0, release/4.10.0_cvs, release/4.10.0 |
|
#
52028650 |
| 20-Apr-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.8.1p1.
|
#
b247dbc7 |
| 20-Apr-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
This commit was generated by cvs2svn to compensate for changes in r128456, which included commits to RCS files with non-trunk default branches.
|
Revision tags: release/8.4.0, release/9.1.0, release/8.3.0_cvs, release/8.3.0, release/9.0.0, release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0, release/8.1.0_cvs, release/8.1.0, release/7.3.0_cvs, release/7.3.0, release/8.0.0_cvs, release/8.0.0, release/7.2.0_cvs, release/7.2.0, release/7.1.0_cvs, release/7.1.0, release/6.4.0_cvs, release/6.4.0, release/7.0.0_cvs, release/7.0.0, release/6.3.0_cvs, release/6.3.0, release/6.2.0_cvs, release/6.2.0, release/5.5.0_cvs, release/5.5.0, release/6.1.0_cvs, release/6.1.0, release/6.0.0_cvs, release/6.0.0, release/5.4.0_cvs, release/5.4.0, release/4.11.0_cvs, release/4.11.0, release/5.3.0_cvs, release/5.3.0, release/4.10.0_cvs, release/4.10.0 |
|
#
52028650 |
| 20-Apr-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.8.1p1.
|
#
b247dbc7 |
| 20-Apr-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
This commit was generated by cvs2svn to compensate for changes in r128456, which included commits to RCS files with non-trunk default branches.
|