[ANN]: Testversion OpenSSH-20010202

Corinna Vinschen cygwin@cygwin.com
Fri Feb 2 15:08:00 GMT 2001

• Previous message (by thread): Help! What is a slashpatch and how do I undo it?
• Next message (by thread): Linking Library
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Hi,
I have just uploaded a new version of OpenSSH.
**********************************************************************
*** Please note that this is a TEST VERSION. ***
**********************************************************************
It's not a final version but is created from the current OpenSSH
CVS repository. I have added this version here to allow a bit of
testing what will be new in the next official version of OpenSSH
which will be 2.4.0p1.
To update your installation, click on the "Install Cygwin now" link on
the http://sources.redhat.com/cygwin web page. This downloads setup.exe
to your system. Run setup and answer all of the questions.
**********************************************************************
*** PLEASE, PLEASE, PLEASE, choose a mirror site for your download ***
**********************************************************************
even if it might take a will until this new archive is propagated
to the mirrors. The 'sources.redhat.com' site is badly overloaded.
Ok, what's new and of interest:
- This is the first Cygwin OpenSSH version compiled using OpenSSL-0.9.6.
- This version is compiled using socketpairs, not pipes.
- ssh-config is now substituted by ssh-host-config and ssh-user-config.
 Read http://cygwin.com/ml/cygwin/2001-01/msg00357.html for more
 information on this.
- F-SECURE 2.0.12 support. This means, that SSH2 authentication
 with F-SECURE is possible now. This should work in both
 directions. Personally I have only tested the client side.
- -R portforwarding using SSH2 protocol.
- New SSH2 RSA authentication.
 ********************************************************************
 *** Note, that the SSH2 RSA keys are not compatible to the SSH2 ***
 *** RSA keys of the previous test version 20001221!!! There's no ***
 *** chance to interoperate between that two versions using the ***
 *** SSH2 RSA keys. You will have to erase all old SSH2 RSA keys ***
 *** on your machines and recreate them using the new version of ***
 *** ssh-keygen. You also have to delete them from all your ***
 *** authorized_keys2 and known_hosts2 files. ***
 *** The reason for that change is to make the SSH2 RSA key ***
 *** format conforming to the ietf-drafts. ***
 ********************************************************************
 The new RSA authentications works similar to the current SSH2 DSA
 keys, but requires a little modification to config files. Currently
 RSA key cannot be shared between SSH1 and SSH2.
 To generate keys, ssh-keygen now has a type '-t' parameter. Valid
 types are 'rsa1' (for SSH1 RSA keys), 'rsa' (SSH2 RSA) and 'dsa'
 (SSH2 DSA). Eg. "ssh-keygen -t rsa -f ~/.ssh/id_rsa" will generate
 a new SSH2 RSA key.
 For public key authentication, just copy the public portion of the
 RSA key into your ~/.ssh/authorized_keys2 file. It is normal for the
 public RSA keys to be shorter than DSA keys.
 SSH2 RSA keys are fully supported by ssh-agent. Keys are tried in the
 order in which they are added to the agent, so 'ssh-add' your RSA key
 first if you want to try it out.
 For the server, all hostkeys are now unified and sshd will
 automatically detect the type of a host key. The 'HostDSAKey'
 option is therefore deprecated in favor of 'HostKey'. To specify
 RSA and DSA keys for SSH2 use, just use more 'HostKey' options.
 The 'DSAAuthentication' option is deprecated in favour of the
 general 'PubkeyAuthentication' option.
 The host key section of my sshd_config looks like this:
 HostKey /etc/ssh/ssh_host_key
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_dsa_key
 For the client, the 'IdentityFile2' option is deprecated in favor of
 an autodetecting 'IdentityFile' option. You can specify rsa1, dsa and
 rsa keys using this option.
 RSA pubkey auth seems a little quicker than DSA and it is not
 vulnerable to the problems described in the WARNING.RNG file in
 the source archive.
Have fun,
Corinna
-- 
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple

---

• Previous message (by thread): Help! What is a slashpatch and how do I undo it?
• Next message (by thread): Linking Library
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Cygwin mailing list