Call for testing: OpenSSH 7.5p1


Damien Miller

Mar 14, 2017, 6:40:52 AM
to openssh-...@mindrot.org
Hi,

OpenSSH 7.5p1 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is a bugfix release.

Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/

The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html

Portable OpenSSH is also available via git using the
instructions at http://www.openssh.com/portable.html#cvs
At https://anongit.mindrot.org/openssh.git/ or via a mirror at Github:
https://github.com/openssh/openssh-portable

Running the regression tests supplied with Portable OpenSSH does not
require installation and is simply:

$ ./configure && make tests

Live testing on suitable non-production systems is also
appreciated. Please send reports of success or failure to
openssh-...@mindrot.org.

Below is a summary of changes. More detail may be found in the ChangeLog
in the portable OpenSSH tarballs.

Thanks to the many people who contributed to this release.

Future deprecation notice
=========================

We plan on retiring more legacy cryptography in future releases,
specifically:

* In the next major release (expected June-August), removing remaining
support for the SSH v.1 protocol (currently client-only and compile-
time disabled).

* In the same release, removing support for Blowfish and RC4 ciphers
and the RIPE-MD160 HMAC. (These are currently run-time disabled).

* In the same release, removing the remaining CBC ciphers from being
offered by default in the client (These have not been offered in
sshd by default for several years).

* Refusing all RSA keys smaller than 1024 bits (the current minimum
is 768 bits)

This list reflects our current intentions, but please check the final
release notes for future releases.

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

* This release deprecates the sshd_config UsePrivilegeSeparation
option, thereby making privilege separation mandatory. Privilege
separation has been on by default for almost 15 years.

* The format of several log messages emitted by the packet code has
changed to include additional information about the user and
their authentication state. Software that monitors ssh/sshd logs
may need to account for these changes. For example:

Connection closed by user x 1.1.1.1 port 1234 [preauth]
Connection closed by authenticating user x 10.1.1.1 port 1234 [preauth]
Connection closed by invalid user x 1.1.1.1 port 1234 [preauth]

Affected messages include connection closure, timeout, remote
disconnection, negotiation failure and some other fatal messages
generated by the packet code.

Changes since OpenSSH 7.4
=========================

This is a bugfix release.

New Features
------------

* ssh(1), sshd(8): Support "=-" syntax to easily remove methods from
algorithm lists, e.g. Ciphers=-*cbc. bz#2671

Bugfixes
--------

* ssh(1), sshd(8): Allow form-feed characters to appear in
configuration files.

* sshd(8): Fix regression in OpenSSH 7.4 support for the
server-sig-algs extension, where SHA2 RSA signature methods were
not being correctly advertised. bz#2680

* ssh(1), ssh-keygen(1): Fix a number of case-sensitivity bugs in
known_hosts processing. bz#2591 bz#2685

* ssh(1): Allow ssh to use certificates accompanied by a private key
file but no corresponding plain *.pub public key. bz#2617

* ssh(1): When updating hostkeys using the UpdateHostKeys option,
accept RSA keys if HostkeyAlgorithms contains any RSA keytype.
Previously, ssh could ignore RSA keys when only the ssh-rsa-sha2-*
methods were enabled in HostkeyAlgorithms and not the old ssh-rsa
method. bz#2650

* ssh(1): Detect and report excessively long configuration file
lines. bz#2651

* Merge a number of fixes found by Coverity and reported via Redhat
and FreeBSD. Includes fixes for some memory and file descriptor
leaks in error paths. bz#2687

* ssh-keyscan(1): Correctly hash hosts with a port number. bz#2692

* ssh(1), sshd(8): When logging long messages to stderr, don't truncate
"\r\n" if the length of the message exceeds the buffer. bz#2688

* ssh(1): Fully quote [host]:port in generated ProxyJump/-J command-
line; avoid confusion over IPv6 addresses and shells that treat
square bracket characters specially.

* ssh-keygen(1): Fix corruption of known_hosts when running
"ssh-keygen -H" on a known_hosts containing already-hashed entries.

* Fix various fallout and sharp edges caused by removing SSH protocol
1 support from the server, including the server banner string being
incorrectly terminated with only \n (instead of \r\n), and
confusing error messages from ssh-keyscan bz#2583.

* ssh(1), sshd(8): Free fd_set on connection timeout. bz#2683

* sshd(8): Fix Unix domain socket forwarding for root (regression in
OpenSSH 7.4).

* sftp(1): Fix division by zero crash in "df" output when server
returns zero total filesystem blocks/inodes.

* ssh(1), ssh-add(1), ssh-keygen(1), sshd(8): Translate OpenSSL errors
encountered during key loading to more meaningful error codes.
bz#2522 bz#2523

* ssh-keygen(1): Sanitise escape sequences in key comments sent to
printf but preserve valid UTF-8 when the locale supports it;
bz#2520

* ssh(1), sshd(8): Return reason for port forwarding failures where
feasible rather than always "administratively prohibited". bz#2674

* sshd(8): Fix deadlock when AuthorizedKeysCommand or
AuthorizedPrincipalsCommand produces a lot of output and a key is
matched early. bz#2655

* Regression tests: several reliability fixes. bz#2654 bz#2658 bz#2659

* ssh(1): Fix typo in ~C error message for bad port forward
cancellation. bz#2672

* ssh(1): Show a useful error message when included config files
can't be opened; bz#2653

* sshd(8): Make sshd set GSSAPIStrictAcceptorCheck=yes as the manual page
(previously incorrectly) advertised. bz#2637

* sshd_config(5): Repair accidentally-deleted mention of %k token
in AuthorizedKeysCommand; bz#2656

* sshd(8): Remove vestiges of previously removed LOGIN_PROGRAM; bz#2665

* ssh-agent(1): Relax PKCS#11 whitelist to include libexec and
common 32-bit compatibility library directories.

* sftp-client(1): fix non-exploitable integer overflow in SSH2_FXP_NAME
response handling.

Portability
-----------

* sshd(8): Avoid sandbox errors for Linux S390 systems using an ICA
crypto coprocessor.

* sshd(8): Fix non-exploitable weakness in seccomp-bpf sandbox arg
inspection.

* ssh(1): Fix X11 forwarding on OSX where X11 was being started by
launchd. bz#2341

* ssh-keygen(1), ssh(1), sftp(1): Fix output truncation for various that
contain non-printable characters where the codeset in use is ASCII.

* build: Fix builds that attempt to link a kerberised libldns. bz#2603

* build: Fix compilation problems caused by unconditionally defining
_XOPEN_SOURCE in wide character detection.

* sshd(8): Fix sandbox violations for clock_gettime vDSO syscall
fallback on some Linux/X32 kernels. bz#2142

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.

_______________________________________________
openssh-unix-dev mailing list
openssh-...@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
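
The log-format change listed under "Potentially-incompatible changes" above is the item most likely to break log monitoring, so here is a parser for the "Connection closed by" message as an added example; it is not part of the original thread or of OpenSSH. The sample lines are constructed: three carry the messages quoted in the announcement, the first is an assumed older layout with no user field, and `parse_closed` and `invalid_user_sources` are hypothetical names.

```python
import re
from collections import Counter

# The user name comes from the remote client and may contain spaces, so the
# address and port are anchored to the end of the line, not to "user <word>".
CLOSED_RE = re.compile(
    r"Connection closed by "
    r"(?:(?P<state>authenticating|invalid) )?"
    r"(?:user (?P<user>.+?) )?"
    r"(?P<addr>\S+) port (?P<port>\d+)"
    r"(?: \[(?P<phase>preauth)\])?\s*$"
)

# Constructed sample input. Entries 2-4 carry the three messages quoted in the
# announcement; entry 1 is an assumed older layout with no user field.
SAMPLE = [
    "sshd[101]: Connection closed by 192.0.2.7 port 40022 [preauth]",
    "sshd[102]: Connection closed by user x 1.1.1.1 port 1234 [preauth]",
    "sshd[103]: Connection closed by authenticating user x 10.1.1.1 port 1234 [preauth]",
    "sshd[104]: Connection closed by invalid user x 1.1.1.1 port 1234 [preauth]",
    "sshd[105]: Connection closed by invalid user a b 203.0.113.9 port 5555 [preauth]",
    "sshd[106]: Connection closed by invalid user root 198.51.100.1 port 22 203.0.113.9 port 5555 [preauth]",
    "sshd[107]: Accepted publickey for x from 192.0.2.7 port 40023 ssh2",
]


def parse_closed(line):
    """Return the fields of a 'Connection closed by' line, or None."""
    m = CLOSED_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["port"] = int(rec["port"])
    return rec


def invalid_user_sources(lines):
    """Count closures logged for invalid users, keyed by source address."""
    hits = Counter()
    for line in lines:
        rec = parse_closed(line)
        if rec and rec["state"] == "invalid":
            hits[rec["addr"]] += 1
    return hits


if __name__ == "__main__":
    for addr, n in invalid_user_sources(SAMPLE).most_common():
        print(addr, n)
```

A rule that takes the token after "by" as the address reads "user", "authenticating" or "invalid" from the new messages, which is why the qualifier and user fields are optional groups here.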

Jakub Jelen

Mar 14, 2017, 7:51:25 AM
to Damien Miller, openssh-...@mindrot.org
On 03/14/2017 11:40 AM, Damien Miller wrote:
> Hi,
>
> OpenSSH 7.5p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
>
> [...]
>
> This release includes a number of changes that may affect existing
> configurations:
>
> * This release deprecates the sshd_config UsePrivilegeSeparation
> option, thereby making privilege separation mandatory. Privilege
> separation has been on by default for almost 15 years.

Hello,
I don't see this option deprecated in current portable master. Still in
place. How are we going to be able to switch between Sandbox and just
privilege separation?

As far as I remember, various people still use this use case to test
other SSH implementation (privsep requires running as root, isn't it?).

> * Fix various fallout and sharp edges caused by removing SSH protocol
> 1 support from the server, including the server banner string being
> incorrectly terminated with only \n (instead of \r\n), and
> confusing error messages from ssh-keyscan bz#2583.

I would vouch for this bug get fixed too in the relation to the SSH1
removal:

https://bugzilla.mindrot.org/show_bug.cgi?id=2686

Also this one is a bit confusing:

https://bugzilla.mindrot.org/show_bug.cgi?id=2682

I took the package through the basic sanity testing and so far all tests
passed.

Thanks,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat
typo.patch

Damien Miller

Mar 14, 2017, 8:47:41 PM
to Jakub Jelen, openssh-...@mindrot.org
On Tue, 14 Mar 2017, Jakub Jelen wrote:

> Hello,
> I don't see this option deprecated in current portable master. Still in place.
> How are we going to be able to switch between Sandbox and just privilege
> separation?

We might consider some way of disabling sandboxing (apart from editing
the source) if there is user demand, but I think developers/packagers
can figure out sandbox violations pretty easily from dmesg, etc.

> As far as I remember, various people still use this use case to test
> other SSH implementation (privsep requires running as root, isn't it?).

No, only setuid to an unprivileged user needs that; the rest of privsep
including sandboxing is still active if sshd is run as a regular user.

> > * Fix various fallout and sharp edges caused by removing SSH protocol
> > 1 support from the server, including the server banner string being
> > incorrectly terminated with only \n (instead of \r\n), and
> > confusing error messages from ssh-keyscan bz#2583.
>
> I would vouch for this bug get fixed too in the relation to the SSH1 removal:
>
> https://bugzilla.mindrot.org/show_bug.cgi?id=2686
>
> Also this one is a bit confusing:
>
> https://bugzilla.mindrot.org/show_bug.cgi?id=2682

Will take a look.

-d

Jakub Jelen

Mar 15, 2017, 5:37:32 AM
to Damien Miller, openssh-...@mindrot.org
On 03/15/2017 01:47 AM, Damien Miller wrote:
> On Tue, 14 Mar 2017, Jakub Jelen wrote:
>
>> Hello,
>> I don't see this option deprecated in current portable master. Still in place.
>> How are we going to be able to switch between Sandbox and just privilege
>> separation?
>
> We might consider some way of disabling sandboxing (apart from editing
> the source) if there is user demand, but I think developers/packagers
> can figure out sandbox violations pretty easily from dmesg, etc.

That would be very desirable.

The sandbox (at least rlimit if I remember well) had problems with
running under valgrind.

>> As far as I remember, various people still use this use case to test
>> other SSH implementation (privsep requires running as root, isn't it?).
>
> No, only setuid to an unprivileged user needs that; the rest of privsep
> including sandboxing is still active if sshd is run as a regular user.
>
>>> * Fix various fallout and sharp edges caused by removing SSH protocol
>>> 1 support from the server, including the server banner string being
>>> incorrectly terminated with only \n (instead of \r\n), and
>>> confusing error messages from ssh-keyscan bz#2583.
>>
>> I would vouch for this bug get fixed too in the relation to the SSH1 removal:
>>
>> https://bugzilla.mindrot.org/show_bug.cgi?id=2686
>>
>> Also this one is a bit confusing:
>>
>> https://bugzilla.mindrot.org/show_bug.cgi?id=2682
>
> Will take a look.

Thanks. One more thing that I noticed:

Build against OpenSSL 1.1.0 fails, because there is no
EVP_R_BN_DECODE_ERROR defined. The last usage was removed >10 years ago
from OpenSSL sources [1].

I understand that OpenSSL 1.1.0 is not a priority, but I believe it is
not used in other forks either so compatibility patch (attached) would
probably make sense.

The other tests passed so I guess we are good to go from our side.

[1] https://github.com/openssl/openssl/commit/448be743
openssl-1.1.0.patch

Corinna Vinschen

Mar 15, 2017, 7:34:19 AM
to Damien Miller, openssh-...@mindrot.org
On Mar 14 21:40, Damien Miller wrote:
> Hi,
>
> OpenSSH 7.5p1 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This is a bugfix release.
> [...]
> Potentially-incompatible changes
> ================================
>
> This release includes a number of changes that may affect existing
> configurations:
>
> * This release deprecates the sshd_config UsePrivilegeSeparation
> option, thereby making privilege separation mandatory. Privilege
> separation has been on by default for almost 15 years.

Today's code from the git repo with UsePrivilegeSeparation option
removed tested on Cygwin. It compiles OOTB and the testsuite runs
successfully.

However, the removal of UsePrivilegeSeparation requires a patch to
Cygwin's ssh-host-config script. Patch attached.


Thanks,
Corinna

--
Corinna Vinschen
Cygwin Maintainer
Red Hat
0001-Remove-handling-of-deprecated-UsePrivilegeSeparation.patch

Damien Miller

Mar 15, 2017, 8:24:18 PM
to Corinna Vinschen, openssh-...@mindrot.org

On Wed, 15 Mar 2017, Corinna Vinschen wrote:

> Today's code from the git repo with UsePrivilegeSeparation option
> removed tested on Cygwin. It compiles OOTB and the testsuite runs
> successfully.
>
> However, the removal of UsePrivilegeSeparation requires a patch to
> Cygwin's ssh-host-config script. Patch attached.

Applied, thanks.

Peter Moody

Mar 17, 2017, 12:43:45 PM
to Damien Miller, OpenSSH Devel List
special snowflake reporting in. looks good here too.

thanks for all your hard work, folks!