OpenSSH 7.0 Secure Shell Arrives

Aug 11, 2015

Users should upgrade to the new version as soon as possible

The OpenSSH project has announced OpenSSH 7.0, a major new release that addresses several security issues associated with previous versions. According to the announcement by OpenSSH developer Damien Miller, the focus of the new release is β€œto deprecate weak, legacy, and/or unsafe cryptography.”

Some of the problems fixed with the new release include:

  • OpenSSH 6.8 and 6.9 incorrectly made TTYs world-writable.
  • The Portable SSH variant had a privilege escalation issue related to PAM support.
  • Previous editions allow an attacker to circumvent MaxAuthTries using keyboard-interactive authentication.  

New features available with this release include improvements to public key types and ciphers, as well as a new prohibit-password setting. OpenSSH 7.0 also comes with several bug fixes for better security and improved usability. OpenSSH is maintained by the OpenBSD project. Watch your distro's app repository for soon-to-arrive OpenSSH 7.0 binary packages.

Related content

comments powered by Disqus