OpenSSH 3.5 Released
Dan writes "Markus Friedl announces that OpenSSH 3.5 has just been released with notable updates since 3.4. It will be available from the mirrors listed at http://www.openssh.com/ shortly. Enhancements include bug fixes, improved support for Privilege Separation (Portability, Kerberos, PermitRootLogin handling), RSA blinding in order to avoid timing attacks against the RSA host key and much more. Congratulations are in order for the OpenSSH team's hard work and efforts."
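The RSA blinding mentioned in the announcement, as an added illustration that is not code from OpenSSH or from the original post: the private-key operation is run on a randomised value so that its timing no longer depends on the message, and the random factor is stripped off afterwards. It uses constructed toy primes so the arithmetic is visible; real keys use primes of 1024 bits or more.

```python
import secrets
from math import gcd

# Constructed toy RSA key (textbook sizes, for illustration only).
P, Q = 61, 53
N = P * Q                 # 3233
PHI = (P - 1) * (Q - 1)   # 3120
E = 17
D = pow(E, -1, PHI)       # private exponent, 2753


def sign_unblinded(m, d=D, n=N):
    """Plain RSA private operation: its running time leaks information about m."""
    return pow(m, d, n)


def pick_blinding_factor(n, rng=secrets.randbelow):
    """Random r in [2, n-1] with gcd(r, n) == 1 so that r has an inverse mod n."""
    while True:
        r = rng(n - 2) + 2
        if gcd(r, n) == 1:
            return r


def sign_blinded(m, d=D, e=E, n=N, rng=secrets.randbelow):
    """Blinded RSA private operation.

    (m * r^e)^d = m^d * r^(e*d) = m^d * r  (mod n), so multiplying the
    result by r^-1 recovers the ordinary signature m^d mod n.  The value
    actually raised to the private exponent is m * r^e, which an observer
    measuring timing cannot predict or choose.
    """
    r = pick_blinding_factor(n, rng)
    blinded = (m * pow(r, e, n)) % n
    s_blinded = pow(blinded, d, n)
    return (s_blinded * pow(r, -1, n)) % n


def verify(m, s, e=E, n=N):
    """Public-key check: s^e == m (mod n)."""
    return pow(s, e, n) == m % n


if __name__ == "__main__":
    m = 65
    s = sign_blinded(m)
    print(f"blinded signature {s}, matches unblinded: {s == sign_unblinded(m)}")
```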
I'm a dedicated Debian user; does anyone know the usual lag in getting a new version of OpenSSH into the mirrors (I'm guessing it would go into testing or unstable)?
Has anyone worked on an embedded port of OpenSSH, specifically the AMD / Alchemy au1500 MIPS core or ARM9?
Have they put in provisions to separate the SFTP and interactive shell or command execution protocols?
Last time I tried to play with SFTP I could not get an external company to have SFTP access without a lot of shell level mucking around to stop them having access to log in via shells or rlogin style features.
And yes, I'm lazy; yes, I should ask the question in the correct forum; and yes, I should probably contribute to the project, but I am; I couldn't be bothered finding it again, and I would be useless to them.
Anyway, congratulations and thank you for what is, other than my stupid whinge, a great product (open source or otherwise).
I beg to differ. Read the Security Notices and weep. I further contend that the source of the compromise has nothing to do with the end result. As such, OpenSSH is officially on my "be wary of" list and will remain there. If not for the actual problems in OpenSSH itself, then simply because it is such a high value target.
Maybe you could try rsync -e ssh. I've never tried it, but maybe it would just download the diff, which would just be the remainder of the file in this case. Just a random thought, which may not work :)
It's likely that the sysadmins had you replace your open source products with a commercial one for blame/fault purposes.
Big corporation sysadmins like to point fingers when something fucks up. Otherwise, it's their head.
By sticking to commercial software, corporate sysadmins can keep that shitball rolling, all the way back to the product company.