Changelog
openssh (1:8.4p1-1) unstable; urgency=medium
* New upstream release (https://www.openssh.com/txt/release-8.4):
- [SECURITY] ssh-agent(1): restrict ssh-agent from signing web
challenges for FIDO/U2F keys.
- [SECURITY] ssh-keygen(1): Enable FIDO 2.1 credProtect extension when
generating a FIDO resident key.
- ssh-keygen(1): the format of the attestation information optionally
recorded when a FIDO key is generated has changed. It now includes the
authenticator data needed to validate attestation signatures.
- The API between OpenSSH and the FIDO token middleware has changed and
the SSH_SK_VERSION_MAJOR version has been incremented as a result.
Third-party middleware libraries must support the current API version
(7) to work with OpenSSH 8.4.
- ssh(1), ssh-keygen(1): support for FIDO keys that require a PIN for
each use. These keys may be generated using ssh-keygen using a new
"verify-required" option. When a PIN-required key is used, the user
will be prompted for a PIN to complete the signature operation.
- sshd(8): authorized_keys now supports a new "verify-required" option
to require that FIDO signatures assert that the token verified that the
user was present before making the signature. The FIDO protocol
supports multiple methods for user-verification, but currently OpenSSH
only supports PIN verification.
- sshd(8), ssh-keygen(1): add support for verifying FIDO webauthn
signatures. Webauthn is a standard for using FIDO keys in web
browsers. These signatures are a slightly different format to plain
FIDO signatures and thus require explicit support.
- ssh(1): allow some keywords to expand shell-style ${ENV} environment
variables. The supported keywords are CertificateFile, ControlPath,
IdentityAgent and IdentityFile, plus LocalForward and RemoteForward
when used for Unix domain socket paths.
- ssh(1), ssh-agent(1): allow some additional control over the use of
ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
including forcibly enabling and disabling its use (closes: #368657).
- ssh(1): allow ssh_config(5)'s AddKeysToAgent keyword to accept a time
limit for keys in addition to its current flag options. Time-limited
keys will automatically be removed from ssh-agent after their expiry
time has passed.
- scp(1), sftp(1): allow the -A flag to explicitly enable agent
forwarding in scp and sftp. The default remains to not forward an
agent, even when ssh_config enables it.
- ssh(1): add a '%k' TOKEN that expands to the effective HostKey of the
destination. This allows, e.g., keeping host keys in individual files
using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k" (closes: #481250).
- ssh(1): add %-TOKEN, environment variable and tilde expansion to the
UserKnownHostsFile directive, allowing the path to be completed by the
configuration.
- ssh-keygen(1): allow "ssh-add -d -" to read keys to be deleted from
stdin.
- sshd(8): improve logging for MaxStartups connection throttling. sshd
will now log when it starts and stops throttling and periodically
while in this state.
- ssh(1), ssh-keygen(1): better support for multiple attached FIDO
tokens. In cases where OpenSSH cannot unambiguously determine which
token to direct a request to, the user is now required to select a
token by touching it. In cases of operations that require a PIN to be
verified, this avoids sending the wrong PIN to the wrong token and
incrementing the token's PIN failure counter (tokens effectively erase
their keys after too many PIN failures).
- sshd(8): fix Include before Match in sshd_config (LP: #1885990).
- ssh(1): close stdin/out/error when forking after authentication
completes ("ssh -f ...").
- ssh(1), sshd(8): limit the amount of channel input data buffered,
avoiding peers that advertise large windows but are slow to read from
causing high memory consumption.
- ssh-agent(1): handle multiple requests sent in a single write() to the
agent.
- sshd(8): allow sshd_config longer than 256k.
- sshd(8): avoid spurious "Unable to load host key" message when sshd
loads a private key but no public counterpart.
- ssh(1): prefer the default hostkey algorithm list whenever we have a
hostkey that matches its best-preference algorithm.
- sshd(1): when ordering the hostkey algorithms to request from a
server, prefer certificate types if the known_hosts files contain a
key marked as a @cert-authority.
- ssh(1): perform host key fingerprint comparisons for the "Are you sure
you want to continue connecting (yes/no/[fingerprint])?" prompt with
case sensitivity.
- sshd(8): ensure that address/masklen mismatches in sshd_config yield
fatal errors at daemon start time rather than later when they are
evaluated.
- ssh-keygen(1): ensure that certificate extensions are lexically
sorted. Previously if the user specified a custom extension then
everything would be in order except the custom ones.
- ssh(1): also compare username when checking for JumpHost loops.
- ssh-keygen(1): preserve group/world read permission on known_hosts
files across runs of "ssh-keygen -Rf /path". The old behaviour was to
remove all rights for group/other.
- ssh-keygen(1): Mention the [-a rounds] flag in the ssh-keygen manual
page and usage().
- sshd(8): explicitly construct path to ~/.ssh/rc rather than relying on
it being relative to the current directory, so that it can still be
found if the shell startup changes its directory.
- sshd(8): when redirecting sshd's log output to a file, undo this
redirection after the session child process is forked(). Fixes missing
log messages when using this feature under some circumstances.
- sshd(8): start ClientAliveInterval bookkeeping before first pass
through select() loop; fixed theoretical case where busy sshd may
ignore timeouts from client.
- ssh(1): only reset the ServerAliveInterval check when we receive
traffic from the server and ignore traffic from a port forwarding
client, preventing a client from keeping a connection alive when it
should be terminated.
- ssh-keygen(1): avoid spurious error message when ssh-keygen creates
files outside ~/.ssh.
- sftp-client(1): fix off-by-one error that caused sftp downloads to
make one more concurrent request than desired. This prevented using
sftp(1) in unpipelined request/response mode, which is useful when
debugging.
- ssh(1), sshd(8): handle EINTR in waitfd() and timeout_connect()
helpers.
- ssh(1), ssh-keygen(1): defer creation of ~/.ssh until we attempt to
write to it so we don't leave an empty .ssh directory when it's not
needed.
- ssh(1), sshd(8): fix multiplier when parsing time specifications when
handling seconds after other units.
- sshd(8): always send any PAM account messages. If the PAM account
stack returns any messages, always send them to the user and not just
if the check succeeds.
- gnome-ssh-askpass3: ensure the "close" button is not focused by
default for SSH_ASKPASS_PROMPT=none prompts. Avoids space/enter
accidentally dismissing FIDO touch notifications.
- gnome-ssh-askpass3: allow some control over textarea colour via
$GNOME_SSH_ASKPASS_FG_COLOR and $GNOME_SSH_ASKPASS_BG_COLOR
environment variables.
- Detect the Frankenstein monster of Linux/X32 and allow the sandbox to
function there.
-- Colin Watson <email address hidden> Tue, 20 Oct 2020 14:15:17 +0100
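As an added example, not part of this changelog or the Debian package, an ssh_config fragment that exercises several of the 8.4 client-side additions listed above (per-host known_hosts files via %k, shell-style ${ENV} expansion, time-limited AddKeysToAgent); the host alias, hostname, socket path and key file name are assumptions.

```sshconfig
# ~/.ssh/config -- constructed example for the OpenSSH 8.4 client features above
Host bastion
    HostName bastion.example.org

    # %k expands to the effective host key of the destination, so each
    # host key is stored in its own file; ~ is now expanded here as well.
    UserKnownHostsFile ~/.ssh/known_hosts.d/%k

    # ${ENV} expansion is accepted for IdentityFile, IdentityAgent,
    # CertificateFile, ControlPath and Unix-socket Local/RemoteForward.
    IdentityFile ${HOME}/.ssh/keys/id_ecdsa_sk
    IdentityAgent ${XDG_RUNTIME_DIR}/ssh-agent.socket

    # Keys loaded into the agent on first use are removed again after 1h,
    # limiting how long a forwarded or shared agent can sign with them.
    AddKeysToAgent 1h
```

The matching server-side control is the new "verify-required" authorized_keys option, placed before the key type (e.g. `verify-required sk-ecdsa-sha2-nistp256@openssh.com AAAA... comment`), which makes sshd reject signatures from that FIDO key unless the token verified the user (PIN) first.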