| Name: | openssh |
|---|---|
| Version: | 8.0p1 |
| Release: | 6.el8_4.2 |
| Architecture: | x86_64 |
| Group: | Applications/Internet |
| Size: | 1918025 |
| License: | BSD |
| RPM: | openssh-8.0p1-6.el8_4.2.x86_64.rpm |
| Source RPM: | openssh-8.0p1-6.el8_4.2.src.rpm |
| Build Date: | Sat May 22 2021 |
| Build Host: | host-100-100-224-33.blddevtest1iad.osdevelopmeniad.oraclevcn.com |
| Vendor: | Oracle America |
| URL: | http://www.openssh.com/portable.html |
| Summary: | An open source implementation of SSH protocol version 2 |
| Description: | SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. |
- rebuilt
- rebuilt
- Openssh client window fix (#1942364)
- Do not print "no slots" warning by default (#1744220) - Unbreak connecting using gssapi through proxy commands (#1749862) - Document in manual pages that CASignatureAlgorithms are handled by crypto policies (#1790604) - Use SHA2-based signature algorithms by default for signing certificates (#1790610) - Prevent simple ProxyJump loops in configuration files (#1804099) - Teach ssh-keyscan to use SHA2 RSA variants (#1744108) - Do not fail hard if getrandom() is not available and no SSH_USE_STRONG_RNG is specified (#1812120) - Improve wording of crypto policies references in manual pages (#1812854) - Do not break X11 forwarding if IPv6 is disabled (#1662189) - Enable SHA2-based GSSAPI key exchange algorithms by default (#1816226) - Mark RDomain server configuration option unsupported in RHEL (#1807686) - Clarify crypto policies defaults in manual pages (#1724195) - Mention RSA SHA2 variants in ssh-keygen manual page (#1665900)
- Restore entropy patch for CC certification (#1785655)
- Fix typos in manual pages (#1668325) - Use the upstream support for PKCS#8 PEM files alongside with the legacy PEM files (#1712436) - Unbreak ssh-keygen -A in FIPS mode (#1732424) - Add missing RSA certificate types to offered hostkey types in FIPS mode (#1732449)
- Allow specifying a pin-value in PKCS #11 URI in ssh-add (#1639698) - Whitelist another syscall variant for s390x cryptographic module (ibmca engine) (#1714915)
- New upstream release (#1691045) - Remove support for unused VendorPatchLevel configuration option - Fix kerberos cleanup procedures (#1683295) - Do not negotiate arbitrary primes with DH GEX in FIPS (#1685096) - Several GSSAPI key exchange improvements and sync with Debian - Allow to use labels in PKCS#11 URIs even if they do not match on private key (#1671262) - Do not fall back to sshd_net_t SELinux context (#1678695) - Use FIPS compliant high-level signature OpenSSL API and KDF - Mention crypto-policies in manual pages - Do not fail if non-FIPS approved algorithm is enabled in FIPS - Generate the PEM files in new PKCS#8 format without the need of MD5 (#1712436)
- Unbreak PKCS#11 URI tests (#1648262) - Allow to disable RSA signatures with SHA1 (#1648898) - Dump missing GSS options from client configuration (#1649505) - Minor fixes from Fedora related to GSSAPI and keberos - Follow the system-wide PATH settings
- Disable OpenSSH hardening flags and use the ones provided by system (#1630615) - Ignore unknown parts of PKCS#11 URI (#1631478) - Do not fail with GSSAPI enabled in match blocks (#1580017) - Fix the segfaulting cavs test (#1629692)