검색

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

7.146. openssh

download PDF
Updated openssh packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.

Bug Fixes

BZ#1085710
Every first attempt to make a connection using the sftp utility, before the user information was stored in the System Security Services Daemon (SSSD) cache, failed. The sshd server no longer closes file descriptors before all the user information is loaded, and sftp connections in combination with SSSD work even when the SSSD cache is empty. Now, first sftp connection attempts succeed.
BZ#1093869
Printing extensions for v01 certificates using the "ssh-keygen -L -f" command did not display the certificate extensions correctly. Now, printing extensions for v01 certificates works as expected.
BZ#1109251
The sshd configuration test mode, executed by the "sshd -T" command, did not display all default options and displayed certain other options incorrectly. With this update, the sshd test mode outputs all required default options and also prints the above-mentioned other options correctly. Output of the configuration test mode can be now safely applied as configuration input.
BZ#1127312
Non-existing users logging in with ssh triggered two different audit messages in the log, which was not expected behavior. With this update, when a non-existing user attempts to log in using ssh, only one audit message is triggered. This message records a login attempt from an unknown user as expected.
BZ#1131585
When the ForceCommand option with a pseudoterminal was used and the MaxSession option was set to "2", multiplexed ssh connections did not work as expected. After the user attempted to open a second multiplexed connection, the attempt failed if the first connection was still open. This update modifies OpenSSH to issue only one audit message per session. The user is able to open two multiplexed connections in this situation.
BZ#1134938
Previously, OpenSSH did not correctly handle quoted multiple values defined on one configuration line. When the user specified, for example, multiple groups in quotes on one line, OpenSSH only honored the first specified group. The OpenSSH configuration parser has been modified, and OpenSSH honors all option values in this situation.
BZ#1135521
The ssh-copy-id utility failed if the account on the remote server did not use an sh-like shell. Remote commands have been modified to run in an sh-like shell, and ssh-copy-id now also works with non-sh-like shells.
BZ#1161454
The user could not generate ssh keys on hosts with a host name of 64 characters. The ssh-keygen utility failed in this situation. The buffer size for host names has been increased, and ssh-keygen no longer fails in the described situation.
BZ#1172224
All the messages obtained from an sftp server when using chroot were logged in the global log file through the sshd server even when a valid socket for logging was available. Now, events from the sftp server can be logged through the socket in chroot and forwarded into an independent log file.
BZ#1196331
The ssh-keyscan command did not scan for Elliptic Curve Digital Signature Algorithm (ECDSA) keys. The "ssh-keyscan -t ecdsa -v localhost" command did not display any output. The command now outputs the host ECDSA key as expected.
BZ#1208584
This update fixes memory leaks discovered in sshd.

Enhancements

BZ#1119506
This update adds support for adjusting LDAP queries. The administrator can adjust the LDAP query to obtain public keys from servers that use a different schema.
BZ#1159055
The PermitOpen option in sshd_config file now supports wildcards.
BZ#1191055
With this update, openssh can force exact permissions on files that are newly uploaded using sftp.
Users of openssh are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.