summaryrefslogtreecommitdiff
path: root/debian/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'debian/NEWS')
-rw-r--r--debian/NEWS144
1 files changed, 144 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS
new file mode 100644
index 000000000..cfdf7b5e1
--- /dev/null
+++ b/debian/NEWS
@@ -0,0 +1,144 @@
1openssh (1:7.4p1-1) unstable; urgency=medium
2
3 OpenSSH 7.4 includes a number of changes that may affect existing
4 configurations:
5
6 * ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit
7 block ciphers are not safe in 2016 and we don't want to wait until
8 attacks like SWEET32 are extended to SSH. As 3des-cbc was the only
9 mandatory cipher in the SSH RFCs, this may cause problems connecting to
10 older devices using the default configuration, but it's highly likely
11 that such devices already need explicit configuration for key exchange
12 and hostkey algorithms already anyway.
13 * sshd(8): Remove support for pre-authentication compression. Doing
14 compression early in the protocol probably seemed reasonable in the
15 1990s, but today it's clearly a bad idea in terms of both cryptography
16 (cf. multiple compression oracle attacks in TLS) and attack surface.
17 Pre-auth compression support has been disabled by default for >10
18 years. Support remains in the client.
19 * ssh-agent will refuse to load PKCS#11 modules outside a whitelist of
20 trusted paths by default. The path whitelist may be specified at
21 run-time.
22 * sshd(8): When a forced-command appears in both a certificate and an
23 authorized keys/principals command= restriction, sshd will now refuse
24 to accept the certificate unless they are identical. The previous
25 (documented) behaviour of having the certificate forced-command
26 override the other could be a bit confusing and error-prone.
27 * sshd(8): Remove the UseLogin configuration directive and support for
28 having /bin/login manage login sessions.
29
30 The unprivileged sshd process that deals with pre-authentication network
31 traffic is now subject to additional sandboxing restrictions by default:
32 that is, the default sshd_config now sets UsePrivilegeSeparation to
33 "sandbox" rather than "yes". This has been the case upstream for a while,
34 but until now the Debian configuration diverged unnecessarily.
35
36 -- Colin Watson <cjwatson@debian.org> Tue, 27 Dec 2016 18:01:46 +0000
37
38openssh (1:7.2p1-1) unstable; urgency=medium
39
40 OpenSSH 7.2 disables a number of legacy cryptographic algorithms by
41 default in ssh:
42
43 * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants and the
44 rijndael-cbc aliases for AES.
45 * MD5-based and truncated HMAC algorithms.
46
47 These algorithms are already disabled by default in sshd.
48
49 -- Colin Watson <cjwatson@debian.org> Tue, 08 Mar 2016 11:47:20 +0000
50
51openssh (1:7.1p1-2) unstable; urgency=medium
52
53 OpenSSH 7.0 disables several pieces of weak, legacy, and/or unsafe
54 cryptography.
55
56 * Support for the legacy SSH version 1 protocol is disabled by default at
57 compile time. Note that this also means that the Cipher keyword in
58 ssh_config(5) is effectively no longer usable; use Ciphers instead for
59 protocol 2. The openssh-client-ssh1 package includes "ssh1", "scp1",
60 and "ssh-keygen1" binaries which you can use if you have no alternative
61 way to connect to an outdated SSH1-only server; please contact the
62 server administrator or system vendor in such cases and ask them to
63 upgrade.
64 * Support for the 1024-bit diffie-hellman-group1-sha1 key exchange is
65 disabled by default at run-time. It may be re-enabled using the
66 instructions at http://www.openssh.com/legacy.html
67 * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled by
68 default at run-time. These may be re-enabled using the instructions at
69 http://www.openssh.com/legacy.html
70 * Support for the legacy v00 cert format has been removed.
71
72 Future releases will retire more legacy cryptography, including:
73
74 * Refusing all RSA keys smaller than 1024 bits (the current minimum is
75 768 bits).
76 * Several ciphers will be disabled by default: blowfish-cbc, cast128-cbc,
77 all arcfour variants, and the rijndael-cbc aliases for AES.
78 * MD5-based HMAC algorithms will be disabled by default.
79
80 -- Colin Watson <cjwatson@debian.org> Tue, 08 Dec 2015 15:33:08 +0000
81
82openssh (1:6.9p1-1) unstable; urgency=medium
83
84 UseDNS now defaults to 'no'. Configurations that match against the client
85 host name (via sshd_config or authorized_keys) may need to re-enable it or
86 convert to matching against addresses.
87
88 -- Colin Watson <cjwatson@debian.org> Thu, 20 Aug 2015 10:38:58 +0100
89
90openssh (1:6.7p1-5) unstable; urgency=medium
91
92 openssh-server 1:6.7p1-4 changed the default setting of AcceptEnv to list
93 a number of specific LC_FOO variables rather than the wildcard LC_*. I
94 have since been persuaded that this was a bad idea and have reverted it,
95 but it is difficult to automatically undo the change to
96 /etc/ssh/sshd_config without compounding the problem (that of modifying
97 configuration that some users did not want to be modified) further. Most
98 users who upgraded via version 1:6.7p1-4 should restore the previous value
99 of "AcceptEnv LANG LC_*" in /etc/ssh/sshd_config.
100
101 -- Colin Watson <cjwatson@debian.org> Sun, 22 Mar 2015 23:09:32 +0000
102
103openssh (1:5.4p1-2) unstable; urgency=low
104
105 Smartcard support is now available using PKCS#11 tokens. If you were
106 previously using an unofficial build of Debian's OpenSSH package with
107 OpenSC-based smartcard support added, then note that commands like
108 'ssh-add -s 0' will no longer work; you need to use 'ssh-add -s
109 /usr/lib/opensc-pkcs11.so' instead.
110
111 -- Colin Watson <cjwatson@debian.org> Sat, 10 Apr 2010 01:08:59 +0100
112
113openssh (1:3.8.1p1-9) experimental; urgency=low
114
115 The ssh package has been split into openssh-client and openssh-server. If
116 you had previously requested that the sshd server should not be run, then
117 that request will still be honoured. However, the recommended approach is
118 now to remove the openssh-server package if you do not want to run sshd.
119 You can remove the old /etc/ssh/sshd_not_to_be_run marker file after doing
120 that.
121
122 -- Colin Watson <cjwatson@debian.org> Mon, 2 Aug 2004 20:48:54 +0100
123
124openssh (1:3.5p1-1) unstable; urgency=low
125
126 This version of OpenSSH disables the environment option for public keys by
127 default, in order to avoid certain attacks (for example, LD_PRELOAD). If
128 you are using this option in an authorized_keys file, beware that the keys
129 in question will no longer work until the option is removed.
130
131 To re-enable this option, set "PermitUserEnvironment yes" in
132 /etc/ssh/sshd_config after the upgrade is complete, taking note of the
133 warning in the sshd_config(5) manual page.
134
135 -- Colin Watson <cjwatson@debian.org> Sat, 26 Oct 2002 19:41:51 +0100
136
137openssh (1:3.0.1p1-1) unstable; urgency=high
138
139 As of version 3, OpenSSH no longer uses separate files for ssh1 and ssh2
140 keys. This means the authorized_keys2 and known_hosts2 files are no longer
141 needed. They will still be read in order to maintain backward
142 compatibility.
143
144 -- Matthew Vernon <matthew@debian.org> Thu, 28 Nov 2001 17:43:01 +0000