From: Corinna Vinschen <cygwin@cygwin.com>
To: cygwin <cygwin@cygwin.com>
Subject: [ANN]: Testversion OpenSSH-20001221
Date: Thu, 21 Dec 2000 16:23:00 -0000 [thread overview]
Message-ID: <0012220123340J.10826@cygbert> (raw)
Hi,
I have just uploaded a new version of OpenSSH.
**********************************************************************
*** Please note that this is a TEST VERSION. ***
**********************************************************************
It's not a final version but is created from the current OpenSSH
CVS repository. I have added this version here to allow a bit of
testing what will be new in the next official version of OpenSSH.
To update your installation, click on the "Install Cygwin now" link on
the http://sources.redhat.com/cygwin web page. This downloads setup.exe
to your system. Run setup and answer all of the questions.
**********************************************************************
*** PLEASE, PLEASE, PLEASE, choose a mirror site for your download ***
**********************************************************************
even if it might take a will until this new archive is propagated
to the mirrors. The 'sources.redhat.com' site is badly overloaded.
Ok, what's new and of interest:
- F-SECURE 2.0.12 support. This means, that SSH2 authentication
with F-SECURE is possible now. This should work in both
directions. Personally I have only tested the client side.
- -R portforwarding using SSH2 protocol.
- New SSH2 RSA authentication work and -R portforwarding for SSH2.
The new RSA authentications works similar to the current SSH2 DSA
keys, but requires a little modification to config files. Currently
RSA key cannot be shared between SSH1 and SSH2.
To generate keys, ssh-keygen now has a type '-t' parameter. Valid
types are 'rsa1' (for SSH1 RSA keys), 'rsa' (SSH2 RSA) and 'dsa'
(SSH2 DSA). Eg. "ssh-keygen -t rsa -f ~/.ssh/id_rsa" will generate
a new SSH2 RSA key.
For public key authentication, just copy the public portion of the
RSA key into your ~/.ssh/authorized_keys2 file. It is normal for the
public RSA keys to be shorter than DSA keys.
SSH2 RSA keys are fully supported by ssh-agent. Keys are tried in the
order in which they are added to the agent, so 'ssh-add' your RSA key
first if you want to try it out.
For the server, all hostkeys are now unified and sshd will
automatically detect the type of a host key. The 'HostDSAKey'
option is therefore deprecated in favor of 'HostKey'. To specify
RSA and DSA keys for SSH2 use, just use more 'HostKey' options.
The 'DSAAuthentication' option is deprecated in favour of the
general 'PubkeyAuthentication' option.
The host key section of my sshd_config looks like this:
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
For the client, the 'IdentityFile2' option is deprecated in favor of
an autodetecting 'IdentityFile' option. You can specify rsa1, dsa and
rsa keys using this option.
RSA pubkey auth seems a little quicker than DSA and it is not
vulnerable to the problems described in the WARNING.RNG file in
the source archive.
- ssh-config now asks for creating the SSH2 RSA key files described
above. Additionally it creates some default entries for the "HostKey"
lines in /etc/ssh_config and /etc/sshd_config. However, these lines
are in comments to give you the choice which host keys you want to use.
This ssh-config will not be the final version. I'm planning to change
it so that the HostKey lines in the config files are created according
to the just created or already existing host key files and I want to
split up ssh-config into two files, one for the host configuration
and one for the user configuration.
Have fun,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple
next reply other threads:[~2000-12-21 16:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2000-12-21 16:23 Corinna Vinschen [this message]
2000-12-21 16:27 ` Corinna Vinschen
2000-12-22 9:47 ` Henry S. Thompson
2000-12-22 10:33 ` Corinna Vinschen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0012220123340J.10826@cygbert \
--to=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).