Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com X-Originating-IP: [66.146.167.234] X-Originating-Email: [karlm30 AT hotmail DOT com] X-Sender: karlm30 AT hotmail DOT com From: "Karl M" To: cygwin AT cygwin DOT com Subject: RE: [ANNOUNCEMENT] Updated: OpenSSH-3.9p1-1 Date: Wed, 18 Aug 2004 09:57:54 -0700 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 18 Aug 2004 16:57:54.0786 (UTC) FILETIME=[815D4420:01C48544] X-IsSubscribed: yes Hi All... I didn't find -r in the man page. I have not had time to scan the sources :-( What does it do? Thanks, ...Karl >From: Corinna Vinschen >Subject: [ANNOUNCEMENT] Updated: OpenSSH-3.9p1-1 >Date: Wed, 18 Aug 2004 10:38:15 -0500 (CDT) > >I've just updated the version of OpenSSH to 3.9p1-1. > >This is an official new release, based on the vanilla sources. > >NOTE NOTE NOTE: > >Thanks to an early bug report on the cygwin mailing list, I found that >you *must* add the -r option when starting the sshd daemon, if you want >to use privilege separation. Either that, or disable privilege separation >in /etc/sshd_config by setting > > UsePrivilegeSeparation no > > >The official release message as of today: > >==================================================================== >OpenSSH 3.9 has just been released. It will be available from the >mirrors listed at http://www.openssh.com/ shortly. > >OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 >implementation and includes sftp client and server support. > >We would like to thank the OpenSSH community for their continued >support to the project, especially those who contributed source and >bought T-shirts or posters. > >We have a new design of T-shirt available, more info on > http://www.openbsd.org/tshirts.html#18 > >For international orders use http://https.openbsd.org/cgi-bin/order >and for European orders, use http://https.openbsd.org/cgi-bin/order.eu > > >Changes since OpenSSH 3.8: >============================ > >* Added new "IdentitiesOnly" option to ssh(1), which specifies that it >should > use keys specified in ssh_config, rather than any keys in ssh-agent(1) > >* Make sshd(8) re-execute itself on accepting a new connection. This >security > measure ensures that all execute-time randomisations are reapplied for >each > connection rather than once, for the master process' lifetime. This >includes > mmap and malloc mappings, shared library addressing, shared library >mapping > order, ProPolice and StackGhost cookies on systems that support such >things > >* Add strict permission and ownership checks to programs reading >~/.ssh/config > NB ssh(1) will now exit instead of trying to process a config with poor > ownership or permissions > >* Implemented the ability to pass selected environment variables between >the > client and the server. See "AcceptEnv" in sshd_config(5) and "SendEnv" >in > ssh_config(5) for details > >* Added a "MaxAuthTries" option to sshd(8), allowing control over the >maximum > number of authentication attempts permitted per connection > >* Added support for cancellation of active remote port forwarding sessions. > This may be performed using the ~C escape character, see "Escape >Characters" > in ssh(1) for details > >* Many sftp(1) interface improvements, including greatly enhanced "ls" >support > and the ability to cancel active transfers using SIGINT (^C) > >* Implement session multiplexing: a single ssh(1) connection can now carry > multiple login/command/file transfer sessions. Refer to the >"ControlMaster" > and "ControlPath" options in ssh_config(5) for more information > >* The sftp-server has improved support for non-POSIX filesystems (e.g. FAT) > >* Portable OpenSSH: Re-introduce support for PAM password authentication, >in > addition to the keyboard-interactive driver. PAM password authentication > is less flexible, and doesn't support pre-authentication password expiry >but > runs in-process so Kerberos tokens, etc are retained > >* Improved and more extensive regression tests > >* Many bugfixes and small improvements > >Checksums: >========== > >- MD5 (openssh-3.9.tgz) = 93f48bfcc1560895ae53de6bfc41689b >- MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e > > >Reporting Bugs: >=============== > >- please read http://www.openssh.com/report.html > and http://bugzilla.mindrot.org/ > >OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, >Kevin Steves, Damien Miller, Ben Lindstrom, Darren Tucker and Tim Rice. >==================================================================== > >To update your installation, click on the "Install Cygwin now" link on >the http://cygwin.com/ web page. This downloads setup.exe to your >system. Then, run setup and answer all of the questions. > > *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** > >If you want to unsubscribe from the cygwin-announce mailing list, look >at the "List-Unsubscribe: " tag in the email header of this message. >Send email to the address specified there. It will be in the format: > >cygwin-announce-unsubscribe-you=3D3Dyourdomain DOT com AT cygwin DOT com > >If you need more information on unsubscribing, start reading here: > >http://sources.redhat.com/lists.html#unsubscribe-simple > >Please read *all* of the information on unsubscribing that is available >starting at this URL. > >-- >Corinna Vinschen Cygwin Developer Red Hat, Inc. > _________________________________________________________________ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/