OpenSSH 7.8 released!

OpenSSH 7.8 was released on August 24, 2018. It is primarily a bugfix release, but it also brings countermeasures against the username enumeration (timing) weakness, a new default format for private key files, and many smaller changes. Additionally, support for running ssh setuid root has been removed, and a pair of new RSA/SHA2 certificate signature algorithms have been added.

The base source code is developed specifically for OpenBSD, with the aim of keeping it simple, clean, minimal, and auditable. This release will be available shortly from the mirrors listed at http://www.openssh.com/.
Let’s take a look at the changes that developers and administrators can expect in this new version of OpenSSH.

Changes that may affect existing configurations

  • ssh-keygen(1): Write OpenSSH format private keys by default instead of using OpenSSL’s PEM format. This offers better protection against offline password guessing and supports key comments in private keys. Tools that only understand the old PEM container will not read these files; ssh-keygen -m PEM still writes the legacy format.
  • sshd(8): Internal support for S/Key multiple factor authentication is removed. S/Key may still be used via PAM or BSD auth.
  • ssh(1): Vestigial support for running ssh(1) as setuid root is removed.
  • sshd(8): The semantics of PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes now specify signature algorithms that are accepted for their respective authentication mechanism. This matters when using the RSA/SHA2 signature algorithms “rsa-sha2-256”, “rsa-sha2-512” and their certificate counterparts. Configurations that override these options but do not use these algorithm names may cause unexpected authentication failures.
  • sshd(8): The precedence of session environment variables has changed. ~/.ssh/environment and environment=”…” options in authorized_keys files can no longer override SSH_* variables set implicitly by sshd.
  • ssh(1)/sshd(8): The default IPQoS used by ssh/sshd has changed. Interactive traffic now uses DSCP AF21 and bulk traffic uses CS1.
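The key-file format change above is easy to audit offline. What follows is an added example, not code from the article or from OpenSSH: it tells the two containers ssh-keygen can write apart by their PEM header, and for the openssh-key-v1 container it decodes the header fields (cipher, KDF, bcrypt rounds) that decide how expensive an offline passphrase guess is. The sample key material is constructed with a dummy public key and filler bytes so that the parser can run without a real key.

```python
"""Report how an OpenSSH private key file is stored and protected.

Added example, not OpenSSH code. Distinguishes the legacy OpenSSL PEM container
from the openssh-key-v1 container that ssh-keygen writes by default from 7.8,
and decodes the latter's header.
"""
import base64
import struct

OPENSSH_MAGIC = b"openssh-key-v1\x00"
OPENSSH_HEADER = "-----BEGIN OPENSSH PRIVATE KEY-----"


def _read_string(buf: bytes, off: int):
    """Read one SSH wire-format string (uint32 big-endian length, then bytes)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    return buf[off:off + n], off + n


def inspect_private_key(text: str) -> dict:
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines or not lines[0].startswith("-----BEGIN ") or not lines[-1].startswith("-----END "):
        raise ValueError("not a PEM-armoured key file")
    if lines[0] != OPENSSH_HEADER:
        # Legacy OpenSSL container (e.g. "-----BEGIN RSA PRIVATE KEY-----").
        # "Proc-Type: 4,ENCRYPTED" marks a passphrase-protected key; the passphrase
        # becomes the cipher key via a single MD5 pass, which is why these keys are
        # cheap to brute-force offline.
        label = lines[0][len("-----BEGIN "):-len("-----")].replace(" PRIVATE KEY", "")
        encrypted = any(ln.startswith("Proc-Type: 4,ENCRYPTED") for ln in lines)
        return {"format": "pem", "type": label, "encrypted": encrypted}

    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(OPENSSH_MAGIC):
        raise ValueError("bad openssh-key-v1 magic")
    off = len(OPENSSH_MAGIC)
    cipher, off = _read_string(blob, off)
    kdf, off = _read_string(blob, off)
    kdfopts, off = _read_string(blob, off)
    (nkeys,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    key_types = []
    for _ in range(nkeys):
        pub, off = _read_string(blob, off)
        ktype, _ = _read_string(pub, 0)  # a public key blob starts with its type name
        key_types.append(ktype.decode())
    info = {
        "format": "openssh",
        "cipher": cipher.decode(),
        "kdf": kdf.decode(),
        "encrypted": cipher != b"none",
        "key_types": key_types,
    }
    if kdf == b"bcrypt":
        # kdfoptions for bcrypt = string salt, uint32 rounds (ssh-keygen -a N)
        salt, o = _read_string(kdfopts, 0)
        (rounds,) = struct.unpack(">I", kdfopts[o:o + 4])
        info["bcrypt_rounds"] = rounds
        info["salt_bytes"] = len(salt)
    return info


def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b


def build_sample_key(cipher: bytes, kdf: bytes, rounds: int = 16) -> str:
    """Constructed sample: a structurally valid openssh-key-v1 container with a
    dummy ed25519 public key and filler where the private section would be.
    It exercises the header parser; it is not a usable key."""
    pub = _ssh_string(b"ssh-ed25519") + _ssh_string(b"\x00" * 32)
    kdfopts = b"" if kdf == b"none" else _ssh_string(b"\x11" * 16) + struct.pack(">I", rounds)
    blob = (OPENSSH_MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(kdfopts)
            + struct.pack(">I", 1) + _ssh_string(pub) + _ssh_string(b"\x00" * 64))
    b64 = base64.b64encode(blob).decode()
    body = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"{OPENSSH_HEADER}\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"


# Constructed legacy-format sample; only its header lines are inspected.
LEGACY_PEM_SAMPLE = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF

(body omitted: this inspector reads only the header lines)
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for name, text in [("7.8 default", build_sample_key(b"aes256-ctr", b"bcrypt", 16)),
                       ("no passphrase", build_sample_key(b"none", b"none")),
                       ("legacy PEM", LEGACY_PEM_SAMPLE)]:
        print(name, inspect_private_key(text))
```

A key that reports cipher "none" has no passphrase at all; a bcrypt key with a low round count can be re-protected with ssh-keygen -p -a N. An existing openssh-format key can be converted back for tools that insist on the old container with ssh-keygen -p -m PEM -f keyfile, at the cost of the bcrypt protection.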

For a detailed understanding, head over to the commit message: https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.28
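The PubkeyAcceptedKeyTypes/HostbasedAcceptedKeyTypes change is the one most likely to surprise an administrator who copied a hardening list from before 7.8. The following lint is an added example, not part of OpenSSH or of the article: it walks an sshd_config, honours Match blocks and the +/- prefix forms, and flags overrides that keep RSA only as “ssh-rsa” (SHA-1 signatures) or drop RSA/SHA2 names from the defaults. The sample configs are constructed.

```python
"""Lint sshd_config for PubkeyAcceptedKeyTypes / HostbasedAcceptedKeyTypes
overrides that lose the RSA/SHA2 signature algorithm names.

Added example, not part of OpenSSH. From 7.8 these options name signature
algorithms: "ssh-rsa" is RSA with SHA-1, RSA/SHA2 signatures need
"rsa-sha2-256"/"rsa-sha2-512", and certificates use the "-cert-v01@openssh.com"
form of each.
"""
import re

OPTIONS = {"pubkeyacceptedkeytypes", "hostbasedacceptedkeytypes"}
RSA_SHA2 = {"rsa-sha2-256", "rsa-sha2-512"}
RSA_SHA2_CERT = {"rsa-sha2-256-cert-v01@openssh.com", "rsa-sha2-512-cert-v01@openssh.com"}


def lint_sshd_config(text: str) -> list:
    """Return one finding string per problematic override, in file order."""
    findings = []
    scope = "global"
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()            # drop comments
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # "Key value" or "Key=value"
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            scope = "Match " + value                    # following lines are conditional
            continue
        if keyword not in OPTIONS:
            continue
        where = f"line {lineno} ({scope}) {parts[0]}"
        mode = "replace"
        if value and value[0] in "+-":
            mode, value = ("append" if value[0] == "+" else "remove"), value[1:]
        algs = {a.strip().lower() for a in value.split(",") if a.strip()}
        if mode == "append":
            continue  # the default list, which carries the RSA/SHA2 names, survives
        if mode == "remove":
            dropped = sorted(algs & (RSA_SHA2 | RSA_SHA2_CERT))
            if dropped:
                findings.append(f"{where}: removes RSA/SHA2 algorithms from the defaults: {', '.join(dropped)}")
            continue
        if "ssh-rsa" in algs and not algs & RSA_SHA2:
            findings.append(f"{where}: has ssh-rsa but no rsa-sha2-256/rsa-sha2-512; RSA keys are accepted only with SHA-1 signatures")
        if "ssh-rsa-cert-v01@openssh.com" in algs and not algs & RSA_SHA2_CERT:
            findings.append(f"{where}: has ssh-rsa-cert-v01@openssh.com but no rsa-sha2-*-cert-v01@openssh.com; RSA certificates are accepted only with SHA-1 signatures")
        if not any("rsa" in a for a in algs):
            findings.append(f"{where}: lists no RSA algorithm; RSA keys and certificates are rejected")
    return findings


# Constructed sample: overrides written with pre-7.8 key-type names.
BAD_SSHD_CONFIG = """\
Port 22
PubkeyAcceptedKeyTypes ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa
HostbasedAcceptedKeyTypes -rsa-sha2-512
Match User deploy
    PubkeyAcceptedKeyTypes ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com
"""

# Constructed sample: the same intent using the 7.8 signature algorithm names.
GOOD_SSHD_CONFIG = """\
Port 22
PubkeyAcceptedKeyTypes ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256
HostbasedAcceptedKeyTypes +ssh-ed25519
Match User deploy
    PubkeyAcceptedKeyTypes ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com
"""

if __name__ == "__main__":
    for name, cfg in (("bad", BAD_SSHD_CONFIG), ("good", GOOD_SSHD_CONFIG)):
        print(name, lint_sshd_config(cfg) or "no findings")
```

Run it against the file before deploying the upgrade, and compare with the effective values sshd itself reports via sshd -T, which resolves defaults and Match blocks for you.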

What’s new in OpenSSH 7.8

This is primarily a bugfix release, but it has a couple of new features in store. Let’s take a look at the important ones.

  • ssh(1)/sshd(8): New signature algorithms “rsa-sha2-256-cert-v01@openssh.com” and “rsa-sha2-512-cert-v01@openssh.com” explicitly force the use of RSA/SHA2 signatures in authentication.
  • sshd(8): Countermeasures are added against timing attacks used for account validation/enumeration. sshd imparts a minimum time for each failed authentication attempt, consisting of a global 5ms minimum plus an additional per-user 0-4ms delay derived from a host secret.
  • sshd(8): A SetEnv directive lets an administrator explicitly specify environment variables in sshd_config. Variables set by SetEnv override the default and client-specified environment.
  • ssh(1): A SetEnv directive requests that the server set an environment variable in the session. As with the existing SendEnv option, these variables are set subject to server configuration.
  • ssh(1): “SendEnv -PATTERN” clears environment variables previously marked for sending to the server.
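To see why the timing floor in the second item defeats enumeration, the model below is useful. It is an added example, not OpenSSH’s code: it reproduces the behaviour the release notes describe (a global 5ms minimum per failed attempt plus a per-user 0-4ms delay derived from a host secret) and compares what an attacker observes with and without it. The hash construction, the secret value and the per-path work times are assumptions made for illustration.

```python
"""Model of the failed-authentication timing floor sshd 7.8 adds against
account enumeration.

Added example, not OpenSSH's code. The per-user delay is derived here as the
first 32 bits of SHA-512(secret || username) scaled into the 0-4 ms range; the
secret and the work times are constructed values.
"""
import hashlib
import struct

MIN_FAIL_DELAY = 0.005                      # global floor, seconds
TIMING_SECRET = b"constructed-host-secret"  # stands in for sshd's per-host secret

# Constructed costs of the two failure paths an enumeration attack compares:
# an unknown user is rejected early, a known user has its keys looked up.
WORK_UNKNOWN_USER = 0.0003
WORK_KNOWN_USER_BAD_KEY = 0.0012


def user_specific_delay(user: str) -> float:
    """Deterministic per-user padding in [0, ~4.3 ms].

    Keyed by a secret, so the attacker cannot predict it; fixed per user, so
    repeating attempts against one name cannot average it away."""
    digest = hashlib.sha512(TIMING_SECRET + user.encode()).digest()
    (word,) = struct.unpack(">I", digest[:4])
    return word / 1e12          # 2**32 / 1e12 ~= 0.0043 s


def padded_failure_time(user: str, work: float) -> float:
    """What the attacker can observe for a failed attempt: the real work,
    raised to at least the floor plus this user's padding."""
    return max(work, MIN_FAIL_DELAY + user_specific_delay(user))


def observed_time(user: str, exists: bool, countermeasure: bool) -> float:
    work = WORK_KNOWN_USER_BAD_KEY if exists else WORK_UNKNOWN_USER
    return padded_failure_time(user, work) if countermeasure else work


def timing_oracle(users, existing, countermeasure: bool, threshold=0.0008) -> dict:
    """Attacker heuristic: a response slower than threshold means the account
    exists. Returns the attacker's verdict per user."""
    return {u: observed_time(u, u in existing, countermeasure) > threshold for u in users}


def leaks_existence(user: str, countermeasure: bool) -> bool:
    """True if the observed time changes with whether the user exists."""
    return observed_time(user, True, countermeasure) != observed_time(user, False, countermeasure)


if __name__ == "__main__":
    users = ["root", "alice", "bob", "nobody-here"]
    existing = {"root", "alice"}
    for cm in (False, True):
        label = "with countermeasure" if cm else "without countermeasure"
        print(label, timing_oracle(users, existing, cm),
              "leaks:", [u for u in users if leaks_existence(u, cm)])
```

The caveat is visible in padded_failure_time: the floor only hides work that finishes under it. A slow directory or PAM backend that takes longer than the floor for known users would still be distinguishable by timing, so the countermeasure complements, rather than replaces, keeping the per-user path cheap.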

Bug Fixes introduced in this new version

sshd(8) fixes in this release:

  • Avoid observable differences in request parsing that could be used to determine whether a target user is valid.
  • Fix failures to read authorized_keys caused by faulty supplemental group caching.
  • Relax checking of authorized_keys environment=”…” options to allow underscores in variable names (a regression introduced in 7.7).

In ssh(1)/sshd(8), some memory leaks have been fixed, SSH2_MSG_DEBUG messages are no longer sent to Twisted Conch clients (some versions of which mishandle them), and tunnel forwarding, which had regressed in 7.7, has been fixed.

In ssh(1), a pwent clobber (introduced in OpenSSH 7.7) that could occur during key loading, manifesting as a crash on some platforms, has been fixed.

For the full list of changes, including the portability fixes and the checksums for the release tarballs, head over to the official release notes.

Melisha Dsouza
