OpenSSH 3.9 released (fwd)

Bob Rasmussen ras at anzio.com
Wed Aug 18 08:18:48 PDT 2004


I thought you guys might be interested in this. Of particular interest, I
think, is the ability to tell the daemon to accept certain environment
variables sent from the client. Anzio can already do this. Some possble
uses:

1) Send a variable indicating that it is in fact Anzio running.

2) Send a PRINTER variable, to indicate where you prefer your printing to
go.

3) Send an FPTERM (or is it PFTERM?) variable, different from the TERM
variable.

4) Send a variable that indicates what "station number" the PC is.

5) Send a variable indicating the physical location of the PC. Remember
that some forms of the 'ps' command can show the environment variables
of other processes.

6) Send a LANG variable, which could include or not include the "UTF-8"
suffix.

7) Send a PFPT variable, to indicate you wanted passthrough print from
filePro.

I'll very quickly be testing Anzio with this version of sshd, especially
in regards to new features.

Regards,
....Bob Rasmussen,   President,   Rasmussen Software, Inc.

personal e-mail: ras at anzio.com
 company e-mail: rsi at anzio.com
          voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
            fax: (US) 503-624-0760
            web: http://www.anzio.com

---------- Forwarded message ----------
Date: Wed, 18 Aug 2004 10:58:49 +0200
From: Markus Friedl <markus at openbsd.org>
To: openssh-unix-announce at mindrot.org
Subject: [openssh-unix-announce] OpenSSH 3.9 released

OpenSSH 3.9 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support to the project, especially those who contributed source and
bought T-shirts or posters.

We have a new design of T-shirt available, more info on
        http://www.openbsd.org/tshirts.html#18

For international orders use http://https.openbsd.org/cgi-bin/order
and for European orders, use http://https.openbsd.org/cgi-bin/order.eu


Changes since OpenSSH 3.8:
============================

* Added new "IdentitiesOnly" option to ssh(1), which specifies that it should
  use keys specified in ssh_config, rather than any keys in ssh-agent(1)

* Make sshd(8) re-execute itself on accepting a new connection. This security
  measure ensures that all execute-time randomisations are reapplied for each
  connection rather than once, for the master process' lifetime. This includes
  mmap and malloc mappings, shared library addressing, shared library mapping
  order, ProPolice and StackGhost cookies on systems that support such things

* Add strict permission and ownership checks to programs reading ~/.ssh/config
  NB ssh(1) will now exit instead of trying to process a config with poor
  ownership or permissions

* Implemented the ability to pass selected environment variables between the
  client and the server. See "AcceptEnv" in sshd_config(5) and "SendEnv" in
  ssh_config(5) for details

* Added a "MaxAuthTries" option to sshd(8), allowing control over the maximum
  number of authentication attempts permitted per connection

* Added support for cancellation of active remote port forwarding sessions.
  This may be performed using the ~C escape character, see "Escape Characters"
  in ssh(1) for details

* Many sftp(1) interface improvements, including greatly enhanced "ls" support
  and the ability to cancel active transfers using SIGINT (^C)

* Implement session multiplexing: a single ssh(1) connection can now carry
  multiple login/command/file transfer sessions. Refer to the "ControlMaster"
  and "ControlPath" options in ssh_config(5) for more information

* The sftp-server has improved support for non-POSIX filesystems (e.g. FAT)

* Portable OpenSSH: Re-introduce support for PAM password authentication, in
  addition to the keyboard-interactive driver. PAM password authentication
  is less flexible, and doesn't support pre-authentication password expiry but
  runs in-process so Kerberos tokens, etc are retained

* Improved and more extensive regression tests

* Many bugfixes and small improvements

Checksums:
==========

- MD5 (openssh-3.9.tgz) = 93f48bfcc1560895ae53de6bfc41689b
- MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e


Reporting Bugs:
===============

- please read http://www.openssh.com/report.html
  and http://bugzilla.mindrot.org/

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Ben Lindstrom, Darren Tucker and Tim Rice.

_______________________________________________
openssh-unix-announce mailing list
openssh-unix-announce at mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-announce


More information about the Filepro-list mailing list