Last commit made on 2017-03-30
Get this branch:
git clone -b ubuntu/zesty https://git.launchpad.net/ubuntu/+source/openssh
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

2d6a7b7... by Colin Watson on 2017-03-30

Import patches-unapplied version 1:7.4p1-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 94a006df0dee470be9fb627968eaa05377579243

New changelog entries:
  * Move privilege separation directory and PID file from /var/run/ to /run/
    (closes: #760422, #856825).
  * Unbreak Unix domain socket forwarding for root (closes: #858252).

94a006d... by Colin Watson on 2017-03-16

Import patches-unapplied version 1:7.4p1-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: caf5e54529906c23d6564b94d0ac5a79dae88f48

New changelog entries:
  * Fix null pointer dereference in ssh-keygen; this fixes an autopkgtest
    regression introduced in 1:7.4p1-8.

caf5e54... by Colin Watson on 2017-03-14

Import patches-unapplied version 1:7.4p1-8 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cff7b0b8b7d65a13457fa19cd04efe1e6f336650

New changelog entries:
  * Fix ssh-keygen -H accidentally corrupting known_hosts that contained
    already-hashed entries (closes: #851734, LP: #1668093).
  * Fix ssh-keyscan to correctly hash hosts with a port number (closes:
    #857736, LP: #1670745).

cff7b0b... by Colin Watson on 2017-03-05

Import patches-unapplied version 1:7.4p1-7 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e5871a1970dbd5e633e2e58cc3e3aa72364669fd

New changelog entries:
  * Don't set "PermitRootLogin yes" on fresh installations (regression
    introduced in 1:7.4p1-1; closes: #852781).
  * Restore reading authorized_keys2 by default. Upstream seems to intend
    to gradually phase this out, so don't assume that this will remain the
    default forever. However, we were late in adopting the upstream
    sshd_config changes, so it makes sense to extend the grace period
    (closes: #852320).

e5871a1... by Colin Watson on 2017-01-16

Import patches-unapplied version 1:7.4p1-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e95a9b2d2e8d1db50334c83a31be63dceecd3a79

New changelog entries:
  * Remove temporary file on exit from postinst (closes: #850275).
  * Remove LOGIN_PROGRAM and LOGIN_NO_ENDOPT definitions, since UseLogin is
  * Document sshd_config changes that may be needed following the removal of
    protocol 1 support from sshd (closes: #851573).
  * Remove ssh_host_dsa_key from HostKey default (closes: #850614).
  * Fix rekeying failure with GSSAPI key exchange (thanks, Harald Barth;
    closes: #819361, LP: #1608965).

e95a9b2... by Colin Watson on 2017-01-03

Import patches-unapplied version 1:7.4p1-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: dbc2736c096741cf45bee5db8fb7fb8c65b483f3

New changelog entries:
  * Create mux socket for regression tests in a temporary directory.
  * Work around clock_gettime kernel bug on Linux x32 (closes: #849923).

dbc2736... by Colin Watson on 2017-01-02

Import patches-unapplied version 1:7.4p1-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7b831e21d12df6af234654207fb3f60a2252a15f

New changelog entries:
  * Run regression tests inside annotate-output to try to diagnose timeout
  * Make integrity tests more robust against timeouts in the case where the
    first test in a series for a given MAC happens to modify the low bytes
    of a packet length.
  * Fix race conditions in forwarding tests.

7b831e2... by Colin Watson on 2016-12-31

Import patches-unapplied version 1:7.4p1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 85dca76fa6b606e0137dad90489449ec6d566a88

New changelog entries:
  * Revert attempted hack around regress/forwarding.sh test failure, since
    it doesn't seem to help.
  * Run regression tests using 'sh -x' to try to get more information about
  * Dump some useful log files if regression tests fail.
  * Tweak regression test setup to cope with the case where some of the
    source directory is unreadable by the openssh-tests user.

85dca76... by Colin Watson on 2016-12-29

Import patches-unapplied version 1:7.4p1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1345838eb7867cd30168e5c11a1a642dde00b84b

New changelog entries:
  * Attempt to hack around regress/forwarding.sh test failure in some
  * Avoid calling into Kerberos libraries from ssh_gssapi_server_mechanisms
    in the privsep monitor.

1345838... by Colin Watson on 2016-12-27

Import patches-unapplied version 1:7.4p1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b18a02a62f23b8e6a2e459db5647f84f73bd7425

New changelog entries:
  * New upstream release (http://www.openssh.com/txt/release-7.4):
    - ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit
      block ciphers are not safe in 2016 and we don't want to wait until
      attacks like SWEET32 are extended to SSH. As 3des-cbc was the only
      mandatory cipher in the SSH RFCs, this may cause problems connecting
      to older devices using the default configuration, but it's highly
      likely that such devices already need explicit configuration for key
      exchange and hostkey algorithms already anyway.
    - sshd(8): When a forced-command appears in both a certificate and an
      authorized keys/principals command= restriction, sshd will now refuse
      to accept the certificate unless they are identical. The previous
      (documented) behaviour of having the certificate forced-command
      override the other could be a bit confusing and error-prone.
    - sshd(8): Remove the UseLogin configuration directive and support for
      having /bin/login manage login sessions.
    - CVE-2016-10009: ssh-agent(1): Will now refuse to load PKCS#11 modules
      from paths outside a trusted whitelist (run-time configurable).
      Requests to load modules could be passed via agent forwarding and an
      attacker could attempt to load a hostile PKCS#11 module across the
      forwarded agent channel: PKCS#11 modules are shared libraries, so this
      would result in code execution on the system running the ssh-agent if
      the attacker has control of the forwarded agent-socket (on the host
      running the sshd server) and the ability to write to the filesystem of
      the host running ssh-agent (usually the host running the ssh client)
      (closes: #848714).
    - CVE-2016-10010: sshd(8): When privilege separation is disabled,
      forwarded Unix-domain sockets would be created by sshd(8) with the
      privileges of 'root' instead of the authenticated user. This release
      refuses Unix-domain socket forwarding when privilege separation is
      disabled (Privilege separation has been enabled by default for 14
      years) (closes: #848715).
    - CVE-2016-10011: sshd(8): Avoid theoretical leak of host private key
      material to privilege-separated child processes via realloc() when
      reading keys. No such leak was observed in practice for normal-sized
      keys, nor does a leak to the child processes directly expose key
      material to unprivileged users (closes: #848716).
    - CVE-2016-10012: sshd(8): The shared memory manager used by
      pre-authentication compression support had a bounds checks that could
      be elided by some optimising compilers. Additionally, this memory
      manager was incorrectly accessible when pre-authentication compression
      was disabled. This could potentially allow attacks against the
      privileged monitor process from the sandboxed privilege-separation
      process (a compromise of the latter would be required first). This
      release removes support for pre-authentication compression from
      sshd(8) (closes: #848717).
    - SECURITY: sshd(8): Validate address ranges for AllowUser and DenyUsers
      directives at configuration load time and refuse to accept invalid
      ones. It was previously possible to specify invalid CIDR address
      ranges (e.g. user@ and these would always match, possibly
      resulting in granting access where it was not intended.
    - ssh(1): Add a proxy multiplexing mode to ssh(1) inspired by the
      version in PuTTY by Simon Tatham. This allows a multiplexing client
      to communicate with the master process using a subset of the SSH
      packet and channels protocol over a Unix-domain socket, with the main
      process acting as a proxy that translates channel IDs, etc. This
      allows multiplexing mode to run on systems that lack file-descriptor
      passing (used by current multiplexing code) and potentially, in
      conjunction with Unix-domain socket forwarding, with the client and
      multiplexing master process on different machines. Multiplexing proxy
      mode may be invoked using "ssh -O proxy ...".
    - sshd(8): Add a sshd_config DisableForwarding option that disables X11,
      agent, TCP, tunnel and Unix domain socket forwarding, as well as
      anything else we might implement in the future. Like the 'restrict'
      authorized_keys flag, this is intended to be a simple and future-proof
      way of restricting an account.
    - sshd(8), ssh(1): Support the "curve25519-sha256" key exchange method.
      This is identical to the currently-supported method named
      "<email address hidden>".
    - sshd(8): Improve handling of SIGHUP by checking to see if sshd is
      already daemonised at startup and skipping the call to daemon(3) if it
      is. This ensures that a SIGHUP restart of sshd(8) will retain the
      same process-ID as the initial execution. sshd(8) will also now
      unlink the PidFile prior to SIGHUP restart and re-create it after a
      successful restart, rather than leaving a stale file in the case of a
      configuration error.
    - sshd(8): Allow ClientAliveInterval and ClientAliveCountMax directives
      to appear in sshd_config Match blocks.
    - sshd(8): Add %-escapes to AuthorizedPrincipalsCommand to match those
      supported by AuthorizedKeysCommand (key, key type, fingerprint, etc.)
      and a few more to provide access to the contents of the certificate
      being offered.
    - ssh(1): Allow IdentityFile to successfully load and use certificates
      that have no corresponding bare public key.
    - ssh(1): Fix public key authentication when multiple authentication is
      in use and publickey is not just the first method attempted.
    - ssh(1): Improve reporting when attempting to load keys from PKCS#11
      tokens with fewer useless log messages and more detail in debug
    - ssh(1): When tearing down ControlMaster connections, don't pollute
      stderr when LogLevel=quiet.
    - sftp(1): On ^Z wait for underlying ssh(1) to suspend before suspending
      sftp(1) to ensure that ssh(1) restores the terminal mode correctly if
      suspended during a password prompt.
    - ssh(1): Avoid busy-wait when ssh(1) is suspended during a password
      prompt (LP: #1646813).
    - ssh(1), sshd(8): Correctly report errors during sending of ext-info
    - sshd(8): Fix NULL-deref crash if sshd(8) received an out-of-sequence
      NEWKEYS message.
    - sshd(8): Correct list of supported signature algorithms sent in the
      server-sig-algs extension.
    - sshd(8): Fix sending ext_info message if privsep is disabled.
    - sshd(8): More strictly enforce the expected ordering of privilege
      separation monitor calls used for authentication and allow them only
      when their respective authentication methods are enabled in the
    - sshd_config(5): Use 2001:db8::/32, the official IPv6 subnet for
      configuration examples.
    - On environments configured with Turkish locales, fall back to the
      C/POSIX locale to avoid errors in configuration parsing caused by that
      locale's unique handling of the letters 'i' and 'I' (LP: #1638338).
    - contrib: Add a gnome-ssh-askpass3 with GTK+3 support.
    - sshd(8): Improve PRNG reseeding across privilege separation and force
      libcrypto to obtain a high-quality seed before chroot or sandboxing.
  * Apply "wrap-and-sort -at -f debian/control -f debian/tests/control".
  * Remove entries related to protocol 1 from the default sshd_config
    generated on new installations.
  * Remove some advice related to protocol 1 from README.Debian.
  * Start handling /etc/ssh/sshd_config using ucf. The immediate motivation
    for this is to deal with deprecations of options related to protocol 1,
    but something like this has been needed for a long time (closes:
    #419574, #848089):
    - sshd_config is now a slightly-patched version of upstream's, and only
      contains non-default settings (closes: #147201).
    - I've included as many historical md5sums of default versions of
      sshd_config as I could reconstruct from version control, but I'm sure
      I've missed some.
    - Explicitly synchronise the debconf database with the current
      configuration file state in openssh-server.config, to ensure that the
      PermitRootLogin setting is properly preserved.
    - UsePrivilegeSeparation now defaults to the stronger "sandbox" rather
      than "yes", per upstream.
  * Remove redundant "GSSAPIDelegateCredentials no" from ssh_config (already
    the upstream default), and document that setting ServerAliveInterval to
    300 by default if BatchMode is set is Debian-specific (closes: #765630).
  * Build gnome-ssh-askpass with GTK+ 3 (LP: #801187).
  * When running regression tests under autopkgtest, use a non-root user
    with passwordless sudo.