OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
OpenSSH 7.4 released!
Contributed by grey on Thu Dec 22 21:52:00 2016 (GMT)
from the DisableForwaring? Is that a typo? Double check configs! ;) dept.

A new version of OpenSSH has been announced. Continue reading for the changelog of OpenSSH 7.4 below:

OpenSSH 7.4 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support. OpenSSH also includes
transitional support for the legacy SSH 1.3 and 1.5 protocols
that may be enabled at compile-time.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Future deprecation notice
=========================

We plan on retiring more legacy cryptography in future releases,
specifically:

 * In approximately August 2017, removing remaining support for the
   SSH v.1 protocol (client-only and currently compile-time disabled).

 * In the same release, removing support for Blowfish and RC4 ciphers
   and the RIPE-MD160 HMAC. (These are currently run-time disabled).

 * Refusing all RSA keys smaller than 1024 bits (the current minimum
   is 768 bits)

 * The next release of OpenSSH will remove support for running sshd(8)
   with privilege separation disabled.

 * The next release of portable OpenSSH will remove support for
   OpenSSL version prior to 1.0.1.

This list reflects our current intentions, but please check the final
release notes for future releases.

Potentially-incompatible changes
================================

This release includes a number of changes that may affect existing
configurations:

 * This release removes server support for the SSH v.1 protocol.

 * ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit
   block ciphers are not safe in 2016 and we don't want to wait until
   attacks like SWEET32 are extended to SSH. As 3des-cbc was the
   only mandatory cipher in the SSH RFCs, this may cause problems
   connecting to older devices using the default configuration,
   but it's highly likely that such devices already need explicit
   configuration for key exchange and hostkey algorithms already
   anyway.
    
 * sshd(8): Remove support for pre-authentication compression.
   Doing compression early in the protocol probably seemed reasonable
   in the 1990s, but today it's clearly a bad idea in terms of both
   cryptography (cf. multiple compression oracle attacks in TLS) and
   attack surface. Pre-auth compression support has been disabled by
   default for >10 years. Support remains in the client.
    
 * ssh-agent will refuse to load PKCS#11 modules outside a whitelist
   of trusted paths by default. The path whitelist may be specified
   at run-time.

 * sshd(8): When a forced-command appears in both a certificate and
   an authorized keys/principals command= restriction, sshd will now
   refuse to accept the certificate unless they are identical.
   The previous (documented) behaviour of having the certificate
   forced-command override the other could be a bit confusing and
   error-prone.
    
 * sshd(8): Remove the UseLogin configuration directive and support
   for having /bin/login manage login sessions.
    
Changes since OpenSSH 7.3
=========================

This is primarily a bugfix release.

Security
--------

 * ssh-agent(1): Will now refuse to load PKCS#11 modules from paths
   outside a trusted whitelist (run-time configurable). Requests to
   load modules could be passed via agent forwarding and an attacker
   could attempt to load a hostile PKCS#11 module across the forwarded
   agent channel: PKCS#11 modules are shared libraries, so this would
   result in code execution on the system running the ssh-agent if the
   attacker has control of the forwarded agent-socket (on the host
   running the sshd server) and the ability to write to the filesystem
   of the host running ssh-agent (usually the host running the ssh
   client). Reported by Jann Horn of Project Zero.

 * sshd(8): When privilege separation is disabled, forwarded Unix-
   domain sockets would be created by sshd(8) with the privileges of
   'root' instead of the authenticated user. This release refuses
   Unix-domain socket forwarding when privilege separation is disabled
   (Privilege separation has been enabled by default for 14 years).
   Reported by Jann Horn of Project Zero.

 * sshd(8): Avoid theoretical leak of host private key material to
   privilege-separated child processes via realloc() when reading
   keys. No such leak was observed in practice for normal-sized keys,
   nor does a leak to the child processes directly expose key material
   to unprivileged users. Reported by Jann Horn of Project Zero.
 
 * sshd(8): The shared memory manager used by pre-authentication
   compression support had a bounds checks that could be elided by
   some optimising compilers. Additionally, this memory manager was
   incorrectly accessible when pre-authentication compression was
   disabled. This could potentially allow attacks against the
   privileged monitor process from the sandboxed privilege-separation
   process (a compromise of the latter would be required first).
   This release removes support for pre-authentication compression
   from sshd(8). Reported by Guido Vranken using the Stack unstable
   optimisation identification tool (http://css.csail.mit.edu/stack/)

 * sshd(8): Fix denial-of-service condition where an attacker who
   sends multiple KEXINIT messages may consume up to 128MB per
   connection. Reported by Shi Lei of Gear Team, Qihoo 360.

 * sshd(8): Validate address ranges for AllowUser and DenyUsers
   directives at configuration load time and refuse to accept invalid
   ones. It was previously possible to specify invalid CIDR address
   ranges (e.g. user@127.1.2.3/55) and these would always match,
   possibly resulting in granting access where it was not intended.
   Reported by Laurence Parry.

New Features
------------

 * ssh(1): Add a proxy multiplexing mode to ssh(1) inspired by the
   version in PuTTY by Simon Tatham. This allows a multiplexing
   client to communicate with the master process using a subset of
   the SSH packet and channels protocol over a Unix-domain socket,
   with the main process acting as a proxy that translates channel
   IDs, etc.  This allows multiplexing mode to run on systems that
   lack file- descriptor passing (used by current multiplexing
   code) and potentially, in conjunction with Unix-domain socket
   forwarding, with the client and multiplexing master process on
   different machines. Multiplexing proxy mode may be invoked using
   "ssh -O proxy ..."

 * sshd(8): Add a sshd_config DisableForwaring option that disables
   X11, agent, TCP, tunnel and Unix domain socket forwarding, as well
   as anything else we might implement in the future. Like the
   'restrict' authorized_keys flag, this is intended to be a simple
   and future-proof way of restricting an account.

 * sshd(8), ssh(1): Support the "curve25519-sha256" key exchange
   method. This is identical to the currently-supported method named
   "curve25519-sha256@libssh.org".

 * sshd(8): Improve handling of SIGHUP by checking to see if sshd is
   already daemonised at startup and skipping the call to daemon(3)
   if it is. This ensures that a SIGHUP restart of sshd(8) will
   retain the same process-ID as the initial execution. sshd(8) will
   also now unlink the PidFile prior to SIGHUP restart and re-create
   it after a successful restart, rather than leaving a stale file in
   the case of a configuration error. bz#2641

 * sshd(8): Allow ClientAliveInterval and ClientAliveCountMax
   directives to appear in sshd_config Match blocks.

 * sshd(8): Add %-escapes to AuthorizedPrincipalsCommand to match
   those supported by AuthorizedKeysCommand (key, key type,
   fingerprint, etc.) and a few more to provide access to the
   contents of the certificate being offered.

 * Added regression tests for string matching, address matching and
   string sanitisation functions.

 * Improved the key exchange fuzzer harness.
 
Bugfixes
--------

 * ssh(1): Allow IdentityFile to successfully load and use
   certificates that have no corresponding bare public key. bz#2617
   certificate id_rsa-cert.pub (and no id_rsa.pub).

 * ssh(1): Fix public key authentication when multiple
   authentication is in use and publickey is not just the first
   method attempted. bz#2642

 * regress: Allow the PuTTY interop tests to run unattended. bz#2639
 
 * ssh-agent(1), ssh(1): improve reporting when attempting to load
   keys from PKCS#11 tokens with fewer useless log messages and more
   detail in debug messages. bz#2610

 * ssh(1): When tearing down ControlMaster connections, don't
   pollute stderr when LogLevel=quiet.

 * sftp(1): On ^Z wait for underlying ssh(1) to suspend before
   suspending sftp(1) to ensure that ssh(1) restores the terminal mode
   correctly if suspended during a password prompt.

 * ssh(1): Avoid busy-wait when ssh(1) is suspended during a password
   prompt.

 * ssh(1), sshd(8): Correctly report errors during sending of ext-
   info messages.

 * sshd(8): fix NULL-deref crash if sshd(8) received an out-of-
   sequence NEWKEYS message.

 * sshd(8): Correct list of supported signature algorithms sent in
   the server-sig-algs extension. bz#2547

 * sshd(8): Fix sending ext_info message if privsep is disabled.

 * sshd(8): more strictly enforce the expected ordering of privilege
   separation monitor calls used for authentication and allow them
   only when their respective authentication methods are enabled
   in the configuration

 * sshd(8): Fix uninitialised optlen in getsockopt() call; harmless
   on Unix/BSD but potentially crashy on Cygwin.

 * Fix false positive reports caused by explicit_bzero(3) not being
   recognised as a memory initialiser when compiled with
   -fsanitize-memory.
    
 * sshd_config(5): Use 2001:db8::/32, the official IPv6 subnet for
   configuration examples.

Portability
-----------

 * On environments configured with Turkish locales, fall back to the
   C/POSIX locale to avoid errors in configuration parsing caused by
   that locale's unique handling of the letters 'i' and 'I'. bz#2643

 * sftp-server(8), ssh-agent(1): Deny ptrace on OS X using
   ptrace(PT_DENY_ATTACH, ..)

 * ssh(1), sshd(8): Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL.

 * Fix compilation for libcrypto compiled without RIPEMD160 support.

 * contrib: Add a gnome-ssh-askpass3 with GTK+3 support. bz#2640
    
 * sshd(8): Improve PRNG reseeding across privilege separation and
   force libcrypto to obtain a high-quality seed before chroot or
   sandboxing.

 * All: Explicitly test for broken strnvis. NetBSD added an strnvis
   and unfortunately made it incompatible with the existing one in
   OpenBSD and Linux's libbsd (the former having existed for over ten
   years). Try to detect this mess, and assume the only safe option
   if we're cross compiling.

Checksums:
==========

 - SHA1 (openssh-7.4.tar.gz) = 1e2073f95d5ead8f2814b4b6c0700bcd533c410f
 - SHA1 (openssh-7.4p1.tar.gz) = 2330bbf82ed08cf3ac70e0acf00186ef3eeb97e0

 - SHA256 (openssh-7.4.tar.gz) = +GEXh7Xr2J87cq1uA97hF9e+3lfOQ2LKxXGdmFXREf0
 - SHA256 (openssh-7.4p1.tar.gz) = Gx/EoU4gJCkxgZJO0khy5vLgYpPz6JJqN2uK7EgfGdE=

Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available as RELEASE_KEY.asc from
the mirror sites.

Reporting Bugs:
===============

- Please read http://www.openssh.com/report.html
  Security bugs should be reported directly to openssh@openssh.com

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de
Raadt, Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre,
Tim Rice and Ben Lindstrom.
[topicopenssh]

<< LibreSSL documentation status report | Reply | Flattened | Expanded | Peter Hansteen on OpenBSD and you >>

Threshold: Help

Related Links
more by grey


  RIPE-MD160 (mod -1/107)
by Chas (142.79.57.1) on Mon Dec 19 18:17:03 2016 (GMT)
  Why was RIPE-MD160 HMAC removed?
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]
      Re: RIPE-MD160 (-2/108) by Anonymous Coward on Mon Dec 19 22:40:19 2016 (GMT)

  Re: OpenSSH 7.4 released! (mod -5/121)
by Anonymous Coward (24.113.18.65) on Mon Dec 19 20:41:25 2016 (GMT)
  Thanks for including checksums in the release email. I know that there has been resistance to doing so for OpenBSD releases, but perhaps that will change now that CD releases are no-more.

To be a bit more paranoid would likely require pairing the checksum with the file size, since simple changes to have the same checksum is easiest with a different file size, but with the same file size it should be more difficult, while keeping it usable as a compressed file that needs to compile, etc.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 7/109)
by Just Another OpenBSD User (77.85.134.102) on Thu Dec 22 17:21:57 2016 (GMT)
  Thanks to the Undeadly journal, to the OpenSSH project, to the OpenBSD project and to the OpenBSD Foundation.

N.B. One minor tip for this article, please see suggested closing tag fix from a/ to /a

Replace
<a href="http://www.openssh.com/donations.html">http://www.openssh.com/donations.html<a/>
with
<a href="http://www.openssh.com/donations.html">http://www.openssh.com/donations.html</a>

Merry holiday season, and a very Happy New 2017 Year, best wishes everyone!!!
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod -2/76)
by cheap flyer printing canada (45.116.232.31) (jodiwbrown7@gmail.com) on Wed Mar 22 01:30:40 2017 (GMT)
  Excellent Blog! I would like to thank for the efforts you have made in writing this post. I am hoping the same best work from you in the future as well. I wanted to thank you for this websites! Thanks for sharing. Great websites! cheap flyer printing canada
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod -1/47)
by Bobby (binasa) (bobbyibrahim3807@gmail.com) on Fri Mar 24 20:58:10 2017 (GMT)
http://dodakeygens.com
  It is imperative that we read blog post very carefully. I am already done it and find that this post is really amazing.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 2/42)
by Ollie (178.218.203.78) (ollieseth5551@gmail.com) on Sat Apr 1 09:13:12 2017 (GMT)
http://ruchishen.wordpress.com
  That appears to be excellent however i am still not too sure that I like it. At any rate will look far more into it and decide personally!
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod -1/29)
by Edward (178.218.203.78) (edwardcharles2458@gmail.com) on Sat Apr 8 12:21:01 2017 (GMT)
http://alpha-x.ru
  This is my first time i visit here. I found so many interesting stuff in your blog especially its discussion. From the tons of comments on your articles, I guess I am not the only one having all the enjoyment here! keep up the good work.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Seth (178.218.202.222) (sethoscar3007@gmail.com) on Thu Apr 20 23:52:10 2017 (GMT)
http://shutpuanddownload.blogspot.com
  Blog gave us useful information to work. You have done an amazing job.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Matthew (178.218.202.69) (matthewedward6067@gmail.com) on Tue May 2 18:35:48 2017 (GMT)
http://newdownloadthefilenow.com
  I've proper selected to build a blog, which I hold been deficient to do for a during. Acknowledges for this inform, it's really serviceable!
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Nathan (178.218.202.69) (nathanlogan5023@gmail.com) on Sun May 7 13:54:29 2017 (GMT)
http://downloadbestwarezhere.ru
  Blog gave us useful information to work. You have done an amazing job.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Leo (178.218.202.69) (leojames7827@gmail.com) on Wed May 10 11:32:55 2017 (GMT)
http://kakskachatappnasmartfon.ru
  This is very educational content and written well for a change. It's nice to see that some people still understand how to write a quality post.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Mikayla Moses (59.95.73.187) on Thu May 11 08:50:03 2017 (GMT)
  Happy to see that you have cleared all the bugs from the previous release. I wanted it so badly to be flawless. This is the best version that you have released recently and I am very impressed with this. face masks
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Toby (178.218.202.69) (tobycaleb5632@gmail.com) on Mon May 15 17:12:11 2017 (GMT)
http://cumeho.ru
  I really impressed after read this because of some quality work and informative thoughts . I just wanna say thanks for the writer and wish you all the best for coming!
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Kian (178.218.202.69) (kianalex5662@gmail.com) on Tue May 16 21:34:20 2017 (GMT)
http://budurmarket.over-blog.com
  Nice to be visiting your blog again, it has been months for me. Well this article that i've been waited for so long. I need this article to complete my assignment in the college, and it has same topic with your article. Thanks, great share.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Leo (178.218.202.69) (leofrankie8198@gmail.com) on Fri May 19 19:31:24 2017 (GMT)
http://microv.ru
  I have express a few of the articles on your website now, and I really like your style of blogging.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Alfie (178.218.202.69) (alfiejake2288@gmail.com) on Thu May 25 20:43:40 2017 (GMT)
http://fg39.ru
  I was looking at some of your posts on this website and I conceive this web site is really instructive! Keep putting up.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Aaron (178.218.202.69) (aaronstanley6551@gmail.com) on Tue May 30 01:10:47 2017 (GMT)
http://microv.ru
  This article is simple to see without departing out any specifics and enjoy. Excellent work! You finished particular factors that were trusted there try this web-site . I discovered almost all individuals may accept your site and did a research about them.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Jayden (178.218.202.69) (jaydenharvey5593@gmail.com) on Tue Jun 6 01:44:07 2017 (GMT)
http://seks-kunilingus.ru
  That is really nice to hear. thank you for the update and good luck.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Elliott (178.218.202.69) (elliottjack7316@gmail.com) on Sat Jun 10 04:24:33 2017 (GMT)
http://ir-tagil.ru
  Hello, I have browsed most of your posts. This post is probably where I got the most useful information for my research. Thanks for posting, maybe we can see more on this. Are you aware of any other websites on this subject.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

  Re: OpenSSH 7.4 released! (mod 0/0)
by Luke (178.218.202.69) (lukearchie6390@gmail.com) on Wed Jun 14 04:19:37 2017 (GMT)
http://angelsneverguess.ru
  An fascinating discussion is value comment. I think that it is best to write extra on this matter, it won't be a taboo topic however generally people are not enough to talk on such topics.
  [ Show thread ] [ Reply to this comment ] [ Mod Up ] [ Mod Down ]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]