OpenSSH versleutelt het netwerkverkeer om afluisteren, het overnemen van de verbinding en andere netwerkaanvallen tegen te gaan. Daarnaast bevat het de mogelijkheid om zogenaamde veilige tunnels op te zetten en ondersteunt het verschillende authenticatiemethodes. OpenSSH is primair ontwikkeld voor OpenBSD, gebruikers van andere besturingssystemen kunnen hier terecht. De ontwikkelaars hebben versie 8.0 van OpenSSH uitgebracht voorzien van de volgende aankondiging: OpenSSH 8.0 released OpenSSH 8.0 was released on 2019-04-17. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: http://www.openssh.com/donations.html Security This release contains mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111): when copying files from a remote system to a local directory, scp(1) did not verify that the filenames that the server sent matched those requested by the client. This could allow a hostile server to create or clobber unexpected local files with attacker-controlled content. This release adds client-side checking that the filenames sent from the server match the command-line request. The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead. Potentially-incompatible changes This release includes a number of changes that may affect existing configurations:
