OpenSSH 7.5 发布了,该版本主要是一个 Bug 修复版本。
但本次更细使得特权分离的使用是强制性的,并且删除对旧的、不支持的 OpenSSL 版本的支持。
部分更新内容:
- In the next major release (expected June-August), removing remaining support for the SSH v.1 protocol (currently client-only and compile-time disabled).
- In the same release, removing support for Blowfish and RC4 ciphers and the RIPE-MD160 HMAC. (These are currently run-time disabled).
- In the same release, removing the remaining CBC ciphers from being offered by default in the client (These have not been offered in sshd by default for several years).
- Refusing all RSA keys smaller than 1024 bits (the current minimum is 768 bits)
转自 http://www.oschina.net/news/83080/openssh-7-5-released