OpenSSH 8.6 fixes a vulnerability and with some important changes

The launch of the new version of OpenSSH 8.6, an open implementation of a client and a server to work with the SSH 2.0 and SFTP protocols.

For those who do not know about OpenSSH (Open Secure Shell) should know that this is a set of applications that allow encrypted communications over a network, using the SSH protocol. It was created as a free and open alternative to the Secure Shell program, which is proprietary software.

The OpenSSH suite includes the following command line utilities and daemons:

  • scp: which is a replacement for rcp.
  • sftp - A replacement for ftp for copying files between computers.
  • ssh - A replacement for rlogin, rsh, and telnet to allow shell access to a remote machine.
  • ssh-add and ssh-agent: a set of utilities to facilitate authentication by keeping keys ready and avoiding the need to enter passphrases each time they are used.
  • ssh-keygen - A tool for inspecting and generating RSA, DSA, and elliptical curve keys that are used for user and host authentication.
  • ssh-keyscan: which scans a list of hosts and collects their public keys.
  • sshd: the SSH server daemon.

Main new features of OpenSSH 8.6

The new version fixes a vulnerability in the implementation of the LogVerbose directive, which appeared in the latest version and allows you to raise the level of debugging information dumped into the registry, including the ability to filter by templates, functions, and files associated with executed code. with removed privileges in sshd process isolated in sandbox environment.

An attacker who gains control from a process without privileges with some unknown vulnerability you can take advantage of the LogVerbose issue to avoid isolating the test area and attacking an elevated process.

The vulnerability in LogVerbose is considered unlikely in practiceas the LogVerbose setting is disabled by default and is usually only used during debugging. The attack also requires finding a new vulnerability in an unprivileged process.

On the other hand, of the changes that were made in OpenSSH 8.6 not related to the vulnerability. We can find that a new protocol extension "limits@openssh.com" was implemented on sftp and sftp-server, which allows the SFTP client to get information about server restrictions, including maximum packet size and read / write limits.

In sftp, a new extension is used to select the optimal block size for data transferIn addition, the ModuliFile configuration was added to sshd_config for sshd, allowing you to specify the path to the "moduli" file containing groups for DH-GEX.

The environment variable TEST_SSH_ELAPSED_TIMES has been added to unit tests to allow the display of the elapsed time since the start of each test.

The GNOME password prompt has been split into two optionss, one for GNOME2 and one for GNOME3 (contrib / gnome-ssk-askpass3.c). The GNOME3 variant uses gdk_seat_grab () to control keyboard and mouse capture to improve Wayland compatibility.

And also added soft-disallow to the fstatat64 system call to the seccomp-bpf based Linux sandbox.

Finally, if you are interested in knowing more about this new version, you can consult the details by going to the following link.

How to install OpenSSH 8.6 on Linux?

For those who are interested in being able to install this new version of OpenSSH on their systems, for now they can do it downloading the source code of this and performing the compilation on their computers.

This is because the new version has not yet been included in the repositories of the main Linux distributions. To get the source code, you can do from the following link.

Done the download, now we are going to unzip the package with the following command:

tar -xvf openssh-8.6.tar.gz

We enter the created directory:

cd openssh-8.6

Y we can compile with the following commands:

./configure --prefix=/opt --sysconfdir=/etc/ssh
make
make install

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.