OpenSSH 10.1 Release

OpenSSH 10.1 has been released, an open implementation of a client and server for working over the SSH 2.0 and SFTP protocols.

Main changes:

  • A security issue has been fixed that allowed an attacker, by manipulating special characters in a user name or URI, to execute shell commands when the command specified in the “ProxyCommand” setting and containing the “%u” substitution was run. The problem affects only systems where the user names or URIs passed to ssh are obtained from untrusted sources.

    To block such attacks, the use of control characters is prohibited in user names specified on the command line or set in the configuration through a %-substitution. The use of the null character (“\0”) in ssh:// URIs is prohibited as well. An exception is made only for names specified directly in the configuration file (the configuration file is assumed to be trusted).

  • ssh and ssh-agent add support for ed25519 keys stored in PKCS#11.
  • The RefuseConnection setting has been added to ssh_config; when it is processed in an active section, the process terminates with an error message without attempting to establish a connection.

    Match Host Foo
        RefuseConnection "FOO host is no longer used, connect to the Bar host"

  • SIGINFO signal handlers have been added to ssh and sshd to display information about the session and active channels.
  • For certificates, the log now records not only the reason a login was blocked but also comprehensive information for identifying the problem certificate.
  • sshd now checks the X11 display number relative to the offset specified in the X11DisplayOffset directive.
  • Performance measurement capabilities have been added, activated by running “make UNITTEST_BENCHMARK=yes” on OpenBSD or “make unit-bench” on other systems.
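For the ProxyCommand “%u” issue described in the first item, the following added example (not part of the release notes and not OpenSSH code) audits an ssh_config for ProxyCommand lines that expand %u and pre-checks user names taken from untrusted input. The function names and the sample configuration are constructed for illustration, and the control-character test approximates the rule described above rather than reproducing OpenSSH's own check.

```python
import re
import unicodedata

# Constructed sample configuration (not taken from the release notes).
SAMPLE_CONFIG = """\
Host jump-*
    ProxyCommand /usr/local/bin/connect --as %u %h %p
Host literal
    ProxyCommand nc -X connect -x proxy.example.com:3128 %h %p
Host escaped
    ProxyCommand echo 100%%user %h
"""


def uses_token(value, token="u"):
    """True if value expands %<token>; '%%' is a literal percent sign."""
    i = 0
    while i < len(value) - 1:
        if value[i] == "%":
            if value[i + 1] == token:
                return True
            i += 2  # skip an escaped '%%' or an unrelated token such as %h
        else:
            i += 1
    return False


def proxycommands_using_user(config_text):
    """Return (line_number, command) for each ProxyCommand that expands %u."""
    hits = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        match = re.match(r"\s*proxycommand[\s=]+(.*)$", line, re.IGNORECASE)
        if match and uses_token(match.group(1)):
            hits.append((number, match.group(1).strip()))
    return hits


def username_is_safe(name):
    """Reject empty names and names with control characters (category Cc, incl. NUL)."""
    return bool(name) and not any(unicodedata.category(ch) == "Cc" for ch in name)


if __name__ == "__main__":
    for number, command in proxycommands_using_user(SAMPLE_CONFIG):
        print(f"line {number}: ProxyCommand expands %u: {command}")
    for candidate in ("alice", "alice\n", "bob\x00"):
        print(repr(candidate), "accepted" if username_is_safe(candidate) else "rejected")
```

Hosts flagged by the audit are the ones where user names from untrusted sources should be validated before ssh is invoked, or where ssh should be upgraded first.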

Compatibility changes:

  • ssh now prints a warning when a key agreement algorithm is used that is not resistant to attack on a quantum computer. The warning was added because of the risk of future attacks that use previously saved traffic dumps. The WarnWeakCrypto option has been added to ssh_config to disable the warning.

    Match Host Unsafe.example.com
        WarnWeakCrypto No

  • In ssh and sshd, the handling of DSCP (IPQoS) quality-of-service parameters has been changed. For interactive traffic, the EF (Expedited Forwarding) class is now set by default for higher-priority handling in wireless networks. For non-interactive traffic, the class used by default in the operating system is set. The traffic class can be changed with the IPQoS setting in ssh_config and sshd_config. The ToS (type-of-service) parameters for IPv4 in the IPQoS directive are deprecated (ToS has been superseded by DSCP).