Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH 5.4 Released

Posted by timothy on from the but-it's-secret dept.

HipToday writes "As posted on the OpenBSD Journal, OpenSSH 5.4 has been released: 'Some highlights of this release are the disabling of protocol 1 by default, certificate authentication, a new "netcat mode," many changes on the sftp front (both client and server) and a collection of assorted bugfixes. The new release can already be found on a large number of mirrors and of course on www.openssh.com.'"

6 of 127 comments (clear)

  1. Cygwin's package was updated, too by klui · · Score: 4, Interesting

    The read-only feature of sftp makes it almost a replacement for anonymous ftp. Too bad it appears to be a global setting.

    1. Re:Cygwin's package was updated, too by Sancho · · Score: 4, Interesting

      Could you not do this with a combination of Match User and ForceCommand directives? Something like:

      Match User anonymous
              ForceCommand sftp-server -R
              ChrootDirectory /home/anonymous

    2. Re:Cygwin's package was updated, too by roman_mir · · Score: 4, Insightful

      Yes, you are missing the point.

      FTP is a fucking mess, I hate it, I wish I could kill it today everywhere. It is a disaster to manage with a firewall. The horrendous idea of using separate random ports for data connection vs control connections, the active/passive methods, it's is pure evil.

      SFTP is not FTP over SSH if you did not understand, it is a proper FTP that happens to run over a secured link.

      --
      You can't handle the truth.
  2. Thank you Open SSH devs by overlordofmu · · Score: 5, Informative

    I am reading this article and posting to it through a ssh tunnel using OpenSSH on a Gentoo Linux server at home and putty.exe on a work laptop running XP Pro at work.

    Firefox sees it as a SOCKS 5 proxy at localhost. The tricky part was setting the config key in Firefox called "network.proxy.socks_remote_dns" to true. (Navigate to about:config and filter for "proxy" to find this setting quickly). The corporate network admins use bogus DNS resolution as a firewall.

    I love you, OpenSSH devs. I sincerely thank you.

  3. Please note: by Anonymous Coward · · Score: 5, Interesting

    A brief quote from the project's home page:
    Please take note of our Who uses it page, which list just some of the vendors who incorporate OpenSSH into their own products -- as a critically important security / access feature -- instead of writing their own SSH implementation or purchasing one from another vendor. This list specifically includes companies like Cisco, Juniper, Apple, Red Hat, and Novell; but probably includes almost all router, switch or unix-like operating system vendors. In the 10 years since the inception of the OpenSSH project, these companies have contributed not even a dime of thanks in support of the OpenSSH project (despite numerous requests).

    So go and DONATE, as i've just done.

  4. Thanks OpenSSH | Debian Devs DO NOT TOUCH. by 0100010001010011 · · Score: 4, Funny

    OpenSSH is nothing short of magic. I too use it to tunnel out of work's firewall.

    Now, Debian Dev. DON'T TOUCH. :)