OpenSSH 8.4 was released yesterday. It includes several signifigant changes for FIDO/U2F authentication, some of which are listed as potentially-incompatible, but are still great to see. Other things that caught my eye:
sftp(1): allow the
-Aflag to explicitly enable agent forwarding in scp and sftp. The default remains to not forward an agent, even when ssh_config enables it.
sshd_configlonger than 256k
And I’m always pleased to see NetBSD portability notes:
sshd(8): support NetBSD’s
utmpx.ut_ssaddress field. bz#960
This exquisitely-maintained software powers so much of the Internet. It got me thinking that for all my talk about donations, I should put my money where my mouth is and donate to the OpenBSD Foundation. Even if you’ve never heard of OpenSSH, you’ve also benefited from it.