OpenSSH-3.8p1
| Reported by: |
billyoc@… |
Owned by: |
blfs-book@… |
|
Priority:
|
high
|
Milestone:
|
|
|
Component:
|
BOOK
|
Version:
|
~CVS
|
|
Severity:
|
normal
|
Keywords:
|
VERIFIED
|
|
Cc:
|
|
|
|
- sshd(8) now supports forced changes of expired passwords via
/usr/bin/passwd or keyboard-interactive authentication.
Note for AIX: sshd will now deny password access to accounts with
passwords expired longer than their maxexpired attribute. For
details, see the AIX section in README.platform.
- ssh(1) now uses untrusted cookies for X11-Forwarding.
Some X11 applications might need full access to the X11 server,
see ForwardX11Trusted in ssh(1) and xauth(1) for more information.
- ssh(1) now supports sending application layer
keep-alive messages to the server. See ServerAliveInterval
in ssh(1) for more information.
- Improved sftp(1) batch file support.
- New KerberosGetAFSToken option for sshd(8).
- Updated /etc/moduli file and improved performance for
protocol version 2.
- Support for host keys in DNS (draft-ietf-secsh-dns-xx.txt).
Please see README.dns in the source distribution for details.
- Fix a number of memory leaks.
- The experimental "gssapi" support has been replaced with
the "gssapi-with-mic" to fix possible MITM attacks.
The two versions are not compatible.
non-bsd version number