OpenSSH/OpenSSH versions Release Notes

From Wikiversity
Jump to navigation Jump to search

This page or file is a candidate to be moved to Wikipedia.
If you disagree, remove this template and explain your opinion on the talk page.

Reading Relese Notes is one of the best way to be updated. So you can read complete Release Notes or this summary.


OpenSSH Versions[edit]

  • OpenSSH 7.5[1], released Template:Release date and age
    • This is a mainly a bugfix release.
  • OpenSSH 7.4[2], released Template:Release date and age
    • sshd(8): Add a sshd_config DisableForwarding option
  • OpenSSH 7.3[3], released Template:Release date and age
    • Adds ProxyJump option (-J)
    • Add an Include directive for ssh_config(5) files
  • OpenSSH 7.1: August 20, 2015[4]
    • This is a bugfix release.
  • OpenSSH 7.0: August 11, 2015[5]
    • The focus of this release is primarily to deprecate weak, legacy and unsafe cryptography.
  • OpenSSH 6.9: July 1, 2015[6]
    • This is primarily a bugfix release.
  • OpenSSH 6.8: March 18, 2015
    • Added new hostkeys@openssh.com extension to facilitate public key discovery and rotation for trusted hosts (for transition from DSA to Ed25519 public host keys)[7]
  • OpenSSH 6.7: October 6, 2014
    • The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default.
    • Compile-time option to not depend on OpenSSL[8]
    • Add support for Unix domain socket forwarding
  • OpenSSH 6.6: March 16, 2014
    • This is primarily a bugfix release.
  • OpenSSH 6.5: January 30, 2014
  • OpenSSH 6.4: November 8, 2013
    • This release fixes a security bug with AES-GCM
  • OpenSSH 6.3: September 13, 2013
    • This release is predominantly a bugfix release
  • OpenSSH 6.2: March 22, 2013
    • Add a GCM-mode for the AES cipher, similar to RFC 5647
    • Added support for encrypt-then-mac MAC modes
    • Added support for multiple required authentication methods
    • Added support for Key Revocation Lists
  • OpenSSH 6.1: August 29, 2012
    • This is primarily a bugfix release.
    • Enables pre-auth sandboxing by default
    • Finds ECDSA keys in ssh-keyscan and SSHFP DNS records by default now
  • OpenSSH 6.0: April 22, 2012
    • This is primarily a bugfix release.
  • OpenSSH 5.9: September 6, 2011
  • OpenSSH 5.8: February 4, 2011
  • OpenSSH 5.7: January 24, 2011
  • OpenSSH 5.6: August 23, 2010
  • OpenSSH 5.5: April 16, 2010
  • OpenSSH 5.4: March 8, 2010
    • Disabled SSH protocol 1 default support. Clients and servers must now explicitly enable it.
    • Added PKCS11 authentication support for ssh(1) (-I pkcs11)
    • Added Certificate based authentication
    • Added "Netcat mode" for ssh(1) (-W host:port). Similar to "-L tunnel", but forwards instead stdin and stdout. This allows, for example, using ssh(1) itself as a ssh(1) ProxyCommand to route connections via intermediate servers, without the need for nc(1) on the server machine.
    • Added the ability to revoke public keys in sshd(8) and ssh(1). While it was already possible to remove the keys from authorised lists, revoked keys will now trigger a warning if used.
  • OpenSSH 5.3: October 1, 2009
  • OpenSSH 5.2: February 23, 2009
  • OpenSSH 5.1: July 21, 2008
  • OpenSSH 5.0: April 3, 2008
  • OpenSSH 4.9: March 30, 2008
    • Added chroot support for sshd(8)
    • Create an internal SFTP server for easier use of the chroot functionality
  • OpenSSH 4.7: September 4, 2007
  • OpenSSH 4.6: March 9, 2007
  • OpenSSH 4.5: November 7, 2006
  • OpenSSH 4.4: September 27, 2006
  • OpenSSH 4.3: February 1, 2006
    • Added OSI layer 2/3 tun-based VPN (-w option on ssh(1))
  • OpenSSH 4.2: September 1, 2005
  • OpenSSH 4.1: May 26, 2005
  • OpenSSH 4.0: March 9, 2005
  • OpenSSH 3.9: August 17, 2004
  • OpenSSH 3.8: February 24, 2004
  • OpenSSH 3.7.1: September 16, 2003
  • OpenSSH 3.7: September 16, 2003
  • OpenSSH 3.6.1: April 1, 2003
  • OpenSSH 3.6: March 31, 2003
  • OpenSSH 3.5: October 14, 2002
  • OpenSSH 3.4: June 26, 2002
  1. http://www.openssh.com/txt/release-7.5
  2. http://www.openssh.com/txt/release-7.4
  3. http://www.openssh.com/txt/release-7.3
  4. "OpenSSH 7.1 Release Notes". openssh.com. 2015-08-20. Retrieved 2015-09-01.
  5. "OpenSSH 7.0 Release Notes". openssh.com. 2015-08-11. Retrieved 2015-08-18.
  6. "OpenSSH 6.9 Release Notes". openssh.com. 2015-07-01. Retrieved 2015-08-12.
  7. Murenin, Constantine A. (2015-02-01). Soulskill, ed. "OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519". Slashdot. Retrieved 2015-02-01.
  8. Murenin, Constantine A. (2014-04-30). Soulskill, ed. "OpenSSH No Longer Has To Depend On OpenSSL". Slashdot. Retrieved 2014-12-26.
  9. Miller, Damien (2013-12-02). "ssh/PROTOCOL.chacha20poly1305". BSD Cross Reference, OpenBSD src/usr.bin/. Retrieved 2014-12-26.
  10. Murenin, Constantine A. (2013-12-11). Unknown Lamer, ed. "OpenSSH Has a New Cipher — Chacha20-poly1305 — from D.J. Bernstein". Slashdot. Retrieved 2014-12-26.