OpenSSH version 8.0
OpenSSH 8.0 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly.
Addressing SCP vulnerability
This new release of OpenSSH have a better security and some new key features:
- Quantum-computing resistant key exchange method: This is one of the most promising feature.
- New default RSA key size: 3072 bits.
- Mitigation for a weakness in the scp tool and protocol, reported into the Common Vulnerabilities and Exposures CVE-2019-6111.
There is also reported potentially-incompatible changes with this new release:
- The fix that been applied into scp, related to the mitigation of the issue reported into CVE-2019-6111, is also causing another issue.
If the wildcard expansion differ between client and server, the client may refuse files from the server.
- The “host/port” syntax been removed from sshd, that was initially implemented for the benifits of IPv6 users.
Read more about security, bugfixes, and new features details at OpenSSH.com.