On Fri, 22 Mar 2013 OpenSSH 6.2 was released and like always, bring more improvements including support for multiple required authentication in SSH
protocol 2 via an AuthenticationMethods option:

sshd(8): Added support for multiple required authentication in SSH
   protocol 2 via an AuthenticationMethods option. This option lists
   one or more comma-separated lists of authentication method names.
   Successful completion of all the methods in any list is required for
   authentication to complete. This allows, for example, requiring a
   user having to authenticate via public key or GSSAPI before they
   are offered password authentication.

You can read more about this release here:

OpenSSH 5.9 released

Valic —  September 9, 2011 — Leave a comment

OpenSSH 5.9 has beed released. OpenSSH is a free SSH suite developed by the OpenBSD Project.

New features are sandboxing, an optional (experimental) feature to prevent compromised privsep child from being used to attack other hosts, new SHA256-based HMAC transport integrity modes, the pre-authentication sshd process logs through a shared socket of the master process now to avoid the need to maintain /dev/log inside a chroot, ssh now warns when a server refuses X11 forwarding, the sshd_config option AuthorizedKeysFile accepts multiple paths (separated by whitespace), retain key comments when loading v.2 keys and graceful shutdown of multipexing connections with the ssh -O stop command.

The complete list of new features and bugfixes is available in the offical release notes:

Download of the new OpenSSH Version:


OpenSSH 5.7 released

Valic —  January 24, 2011 — Leave a comment

OpenSSH 5.7 has just been released. It will be available from the mirrors listed at shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project.

Changes since OpenSSH 5.6


* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA
offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys.

Continue Reading…

OpenSSH 5.6 released

Valic —  August 30, 2010 — Leave a comment

OpenSSH 5.6 has just been released. It will be available from the mirrors listed at shortly.


* Added a ControlPersist option to ssh_config(5) that automatically starts a background ssh(1) multiplex master when connecting. This connection can stay alive indefinitely, or can be set to automatically close after a user-specified duration of inactivity.

* Hostbased authentication may now use certificate host keys. CA keys must be specified in a known_hosts file using the @cert-authority marker as described in sshd(8).

* ssh-keygen(1) now supports signing certificate using a CA key that has been stored in a PKCS#11 token.

* ssh(1) will now log the hostname and address that we connected to at LogLevel=verbose after authentication is successful to mitigate “phishing” attacks by servers with trusted keys that accept authentication silently and automatically before presenting fake password/passphrase prompts.

Note that, for such an attack to be successful, the user must have disabled StrictHostKeyChecking (enabled by default) or an attacker must have access to a trusted host key for the destination server.

* Expand %h to the hostname in ssh_config Hostname options. While this sounds useless, it is actually handy for working with unqualified

Continue Reading…

Page 1 of 11