OpenSSH 3.8

* sshd(8) now supports forced changes of expired passwords via

/usr/bin/passwd or keyboard-interactive authentication.



Note for AIX: sshd will now deny password access to accounts with

passwords expired longer than their maxexpired attribute. For

details, see the AIX section in README.platform.



* ssh(1) now uses untrusted cookies for X11-Forwarding.

Some X11 applications might need full access to the X11 server,

see ForwardX11Trusted in ssh(1) and xauth(1) for more information.



* ssh(1) now supports sending application layer

keep-alive messages to the server. See ServerAliveInterval

in ssh(1) for more information.



* Improved sftp(1) batch file support.



* New KerberosGetAFSToken option for sshd(8).



* Updated /etc/moduli file and improved performance for

protocol version 2.



* Support for host keys in DNS (draft-ietf-secsh-dns-xx.txt).

Please see README.dns in the source distribution for details.



* Fix a number of memory leaks.



* The experimental "gssapi" support has been replaced with

the "gssapi-with-mic" to fix possible MITM attacks.

The two versions are not compatible.



Checksums:

==========



- MD5 (openssh-3.8.tgz) = 7d5590a333d8f8aa1fa6f19e24938700

- MD5 (openssh-3.8p1.tar.gz) = 7861a4c0841ab69a6eec5c747daff6fb



Bejelentés itt.