Ubuntu
openssh package

openssh 1:9.0p1-1 source package in Ubuntu

Changelog

openssh (1:9.0p1-1) unstable; urgency=medium

  * New upstream release (https://www.openssh.com/releasenotes.html#9.0p1):
    - scp(1): Use the SFTP protocol by default (closes: #144579, #204546,
      #327019). This changes scp's quoting semantics by no longer performing
      wildcard expansion using the remote shell, and (with some server
      versions) no longer expanding ~user paths. The -O option is available
      to use the old protocol. See NEWS.Debian for more details.
    - ssh(1), sshd(8): use the hybrid Streamlined NTRU Prime + x25519 key
      exchange method by default ("<email address hidden>").
      The NTRU algorithm is believed to resist attacks enabled by future
      quantum computers and is paired with the X25519 ECDH key exchange (the
      previous default) as a backstop against any weaknesses in NTRU Prime
      that may be discovered in the future. The combination ensures that the
      hybrid exchange offers at least as good security as the status quo.
    - sftp-server(8): support the "copy-data" extension to allow server-
      side copying of files/data, following the design in
      draft-ietf-secsh-filexfer-extensions-00.
    - sftp(1): add a "cp" command to allow the sftp client to perform
      server-side file copies.
    - ssh(1), sshd(8): upstream: fix poll(2) spin when a channel's output fd
      closes without data in the channel buffer (closes: #1007822).
    - sshd(8): pack pollfd array in server listen/accept loop. Could cause
      the server to hang/spin when MaxStartups > RLIMIT_NOFILE.
    - ssh-keygen(1): avoid NULL deref via the find-principals and
      check-novalidate operations. bz3409 and GHPR307 respectively.
    - scp(1): fix a memory leak in argument processing.
    - sshd(8): don't try to resolve ListenAddress directives in the sshd
      re-exec path. They are unused after re-exec and parsing errors
      (possible for example if the host's network configuration changed)
      could prevent connections from being accepted.
    - sshd(8): when refusing a public key authentication request from a
      client for using an unapproved or unsupported signature algorithm
      include the algorithm name in the log message to make debugging
      easier.
    - ssh(1), sshd(8): Fix possible integer underflow in scan_scaled(3)
      parsing of K/M/G/etc quantities.
    - sshd(8): default to not using sandbox when cross compiling. On most
      systems poll(2) does not work when the number of FDs is reduced with
      setrlimit, so assume it doesn't when cross compiling and we can't run
      the test.
  * Remove obsolete FAQ, removed from openssh.com in 2016.

 -- Colin Watson <email address hidden>  Sat, 09 Apr 2022 14:14:10 +0100

Upload details

Uploaded by:
Debian OpenSSH Maintainers
Uploaded to:
Sid
Original maintainer:
Debian OpenSSH Maintainers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssh_9.0p1-1.dsc 3.3 KiB ff368f3247c89eea2be10cd2ad2fcb9d0811fc6652c9cab9d01d087203e28fdd
openssh_9.0p1.orig.tar.gz 1.7 MiB 03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a
openssh_9.0p1.orig.tar.gz.asc 833 bytes 5db3a2eb3e8e9c8ae62527ea55f5a6fa41c395ebd0bbb65f4b3dfebeeee5fa00
openssh_9.0p1-1.debian.tar.xz 172.0 KiB 46f24ab534892c55c82ebafdac23564579f9be73a7cc0230730a2e6aa64e17ab

Available diffs

No changes file available.

Binary packages built by this source

openssh-client: secure shell (SSH) client, for secure access to remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the ssh, scp and sftp clients, the ssh-agent
 and ssh-add programs to make public key authentication more convenient,
 and the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

openssh-client-dbgsym: debug symbols for openssh-client
openssh-server: secure shell (SSH) server, for secure access from remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the sshd server.
 .
 In some countries it may be illegal to use any encryption at all
 without a special permit.
 .
 sshd replaces the insecure rshd program, which is obsolete for most
 purposes.

openssh-server-dbgsym: debug symbols for openssh-server
openssh-sftp-server: secure shell (SSH) sftp server module, for SFTP access from remote machines

 This is the portable version of OpenSSH, a free implementation of
 the Secure Shell protocol as specified by the IETF secsh working
 group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine
 and for executing commands on a remote machine.
 It provides secure encrypted communications between two untrusted
 hosts over an insecure network. X11 connections and arbitrary TCP/IP
 ports can also be forwarded over the secure channel.
 It can be used to provide applications with a secure communication
 channel.
 .
 This package provides the SFTP server module for the SSH server. It
 is needed if you want to access your SSH server with SFTP. The SFTP
 server module also works with other SSH daemons like dropbear.
 .
 OpenSSH's sftp and sftp-server implement revision 3 of the SSH filexfer
 protocol described in:
 .
  http://www.openssh.com/txt/draft-ietf-secsh-filexfer-02.txt
 .
 Newer versions of the draft will not be supported, though some features
 are individually implemented as extensions.

openssh-sftp-server-dbgsym: debug symbols for openssh-sftp-server
openssh-tests: OpenSSH regression tests

 This package provides OpenSSH's regression test suite. It is mainly
 intended for use with the autopkgtest system, though can also be run
 directly using /usr/lib/openssh/regress/run-tests.

openssh-tests-dbgsym: debug symbols for openssh-tests
ssh: secure shell client and server (metapackage)

 This metapackage is a convenient way to install both the OpenSSH client
 and the OpenSSH server. It provides nothing in and of itself, so you
 may remove it if nothing depends on it.

ssh-askpass-gnome: interactive X program to prompt users for a passphrase for ssh-add

 This has been split out of the main openssh-client package so that
 openssh-client does not need to depend on GTK+.
 .
 You probably want the ssh-askpass package instead, but this is
 provided to add to your choice and/or confusion.

ssh-askpass-gnome-dbgsym: debug symbols for ssh-askpass-gnome