Megjelent az OpenSSH 3.2.2.
Az új OpenSSH-ban kísérleti jelleggel már elérhető a privilege separation kód is, amely a illetéktelen behatolók ellen próbál védelmet nyújtani.Markus Friedl levele alapján a változások az előző verzióhoz képest:
Security Changes:
=================
- fixed buffer overflow in Kerberos/AFS token passing
- fixed overflow in Kerberos client code
- sshd no longer auto-enables Kerberos/AFS
- experimental support for privilege separation, see UsePrivilegeSeparation in sshd(8) and http://www.citi.umich.edu/u/provos/ssh/privsep.html for more information.
- only accept RSA keys of size SSH_RSA_MINIMUM_MODULUS_SIZE (768) or larger
Other Changes:
==============
- improved smartcard support (including support for OpenSC, see www.opensc.org)
- improved Kerberos support (including support for MIT-Kerberos V)
- fixed stderr handling in protocol v2
- client reports failure if -R style TCP forwarding fails in protocol v2
- support configuration of TCP forwarding during interactive sessions (~C)
- improved support for older sftp servers
- improved support for importing old DSA keys (from ssh.com software)
- client side suport for PASSWD_CHANGEREQ in protocol v2
- fixed waitpid race conditions
- record correct lastlogin time
OpenSSH
OpenBSD