openssh-7.2p2-9.1.x86_64.rpm


Advertisement

Description

openssh - Secure Shell Client and Server (Remote Login Program)

Property Value
Distribution openSUSE Leap 42.2
Repository openSUSE Update Oss all
Package name openssh
Package version 7.2p2
Package release 9.1
Package architecture x86_64
Package type rpm
Installed size 5.31 MB
Download size 954.19 KB
Official Mirror ftp.gwdg.de
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
provides openssl (secure encrypted communication) between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.

Alternatives

Package Version Architecture Repository
openssh-7.2p2-11.6.1.x86_64.rpm 7.2p2 x86_64 openSUSE Update Oss
openssh-7.2p2-11.3.1.x86_64.rpm 7.2p2 x86_64 openSUSE Update Oss
openssh-7.2p2-6.1.x86_64.rpm 7.2p2 x86_64 openSUSE Oss
openssh - - -

Requires

Name Value
coreutils -
diffutils -
fillup -
grep -
libaudit.so.1()(64bit) -
libc.so.6(GLIBC_2.17)(64bit) -
libcom_err.so.2()(64bit) -
libcrypt.so.1()(64bit) -
libcrypt.so.1(GLIBC_2.2.5)(64bit) -
libcrypto.so.1.0.0()(64bit) -
libdl.so.2()(64bit) -
libdl.so.2(GLIBC_2.2.5)(64bit) -
libedit.so.0()(64bit) -
libgssapi_krb5.so.2()(64bit) -
libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit) -
libkrb5.so.3()(64bit) -
libkrb5.so.3(krb5_3_MIT)(64bit) -
libpam.so.0()(64bit) -
libpam.so.0(LIBPAM_1.0)(64bit) -
libresolv.so.2()(64bit) -
libresolv.so.2(GLIBC_2.2.5)(64bit) -
libselinux.so.1()(64bit) -
libutil.so.1()(64bit) -
libutil.so.1(GLIBC_2.2.5)(64bit) -
libz.so.1()(64bit) -
pwdutils -
systemd -

Provides

Name Value
config(openssh) = 7.2p2-9.1
openssh = 7.2p2-9.1
openssh(x86-64) = 7.2p2-9.1

Conflicts

Name Value
nonfreessh -
openssh-fips < 7.2p2-9.1
openssh-fips > 7.2p2-9.1

Download

Type URL
Binary Package openssh-7.2p2-9.1.x86_64.rpm
Source Package openssh-7.2p2-9.1.src.rpm

Install Howto

Install openssh rpm package:

# zypper install openssh

Files

Path
/etc/pam.d/sshd
/etc/slp.reg.d/ssh.reg
/etc/ssh/moduli
/etc/ssh/ssh_config
/etc/ssh/sshd_config
/etc/sysconfig/SuSEfirewall2.d/
/etc/sysconfig/SuSEfirewall2.d/services/sshd
/usr/bin/scp
/usr/bin/sftp
/usr/bin/slogin
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-copy-id
/usr/bin/ssh-keygen
/usr/bin/ssh-keyscan
/usr/lib/ssh/sftp-server
/usr/lib/ssh/ssh-askpass
/usr/lib/ssh/ssh-keysign
/usr/lib/ssh/ssh-pkcs11-helper
/usr/lib/systemd/system/sshd.service
/usr/sbin/rcsshd
/usr/sbin/sshd
/usr/sbin/sshd-gen-keys-start
/usr/share/doc/packages/openssh/CREDITS
/usr/share/doc/packages/openssh/ChangeLog
/usr/share/doc/packages/openssh/LICENCE
/usr/share/doc/packages/openssh/OVERVIEW
/usr/share/doc/packages/openssh/README
/usr/share/doc/packages/openssh/README.FIPS
/usr/share/doc/packages/openssh/README.SUSE
/usr/share/doc/packages/openssh/README.kerberos
/usr/share/doc/packages/openssh/TODO
/usr/share/doc/packages/openssh/sshd.init
/usr/share/man/man1/scp.1.gz
/usr/share/man/man1/sftp.1.gz
/usr/share/man/man1/slogin.1.gz
/usr/share/man/man1/ssh-add.1.gz
/usr/share/man/man1/ssh-agent.1.gz
/usr/share/man/man1/ssh-copy-id.1.gz
/usr/share/man/man1/ssh-keygen.1.gz
/usr/share/man/man1/ssh-keyscan.1.gz
/usr/share/man/man1/ssh.1.gz
/usr/share/man/man5/moduli.5.gz
/usr/share/man/man5/ssh-ldap.conf.5.gz
/usr/share/man/man5/ssh_config.5.gz
/usr/share/man/man5/sshd_config.5.gz
/usr/share/man/man8/sftp-server.8.gz
/usr/share/man/man8/ssh-keysign.8.gz
/usr/share/man/man8/ssh-ldap-helper.8.gz
/usr/share/man/man8/ssh-pkcs11-helper.8.gz
/usr/share/man/man8/sshd.8.gz
/var/adm/fillup-templates/sysconfig.ssh
/var/lib/sshd/

Changelog

2017-01-24 - pcerny@suse.com
- Adding missing pieces for user matching (bsc#1021626)
2017-01-05 - pcerny@suse.com
- Properly verify CIDR masks in configuration
(bsc#1005893)
[openssh-7.2p2-verify_CIDR_address_ranges.patch]
- Remove pre-auth compression support from the server to prevent
possible cryptographic attacks.
(CVE-2016-10012, bsc#1016370)
[openssh-7.2p2-disable_preauth_compression.patch]
- limit directories for loading PKCS11 modules
(CVE-2016-10009, bsc#1016366)
[openssh-7.2p2-restrict_pkcs11-modules.patch]
- Prevent possible leaks of host private keys to low-privilege
process handling authentication
(CVE-2016-10011, bsc#1016369)
[openssh-7.2p2-prevent_private_key_leakage.patch]
- Do not allow unix socket forwarding when running without
privilege separation
(CVE-2016-10010, bsc#1016368)
[openssh-7.2p2-secure_unix_sockets_forwarding.patch]
2016-11-08 - pcerny@suse.com
- prevent resource depletion during key exchange
(bsc#1005480, CVE-2016-8858)
[openssh-7.2p2-kex_resource_depletion.patch]
- fix suggested command for removing conflicting server keys from
the known_hosts file (bsc#1006221)
2016-10-13 - pcerny@suse.com
- enable geteuid{,32} syscalls on mainframes, since it may be
called from libica/ibmica on machines with hardware crypto
accelerator (bsc#1004258)
[openssh-7.2p2-seccomp_geteuid.patch]
- fix regression of (bsc#823710)
[openssh-7.2p2-audit_fixes.patch]
- add slogin (removed upstreams)
[openssh-7.2p2-keep_slogin.patch]
2016-09-29 - pcerny@suse.com
- remaining patches that were still missing
since the update to 7.2p2 (FATE#319675):
- allow X forwarding over IPv4 when IPv6 sockets is not available
[openssh-7.2p2-X_forward_with_disabled_ipv6.patch]
- do not write PID file when not daemonizing
[openssh-7.2p2-no_fork-no_pid_file.patch]
- use correct options when invoking login
[openssh-7.2p2-login_options.patch]
- helper application for retrieving users' public keys from
an LDAP server
[openssh-7.2p2-ldap.patch]
- allow forcing permissions over sftp
[openssh-7.2p2-sftp_force_permissions.patch]
- do not perform run-time checks for OpenSSL API/ABI change
[openssh-7.2p2-disable_openssl_abi_check.patch]
- suggest commands for cleaning known hosts file
[openssh-7.2p2-host_ident.patch]
- sftp home chroot patch
[openssh-7.2p2-sftp_homechroot.patch]
- ssh sessions auditing
[openssh-7.2p2-audit.patch]
- enable seccomp sandbox on additional architectures
[openssh-7.2p2-additional_seccomp_archs.patch]
- fix forwarding with IPv6 addresses in DISPLAY (bnc#847710)
[openssh-7.2p2-IPv6_X_forwarding.patch]
- ignore PAM environment when using login
(bsc#975865, CVE-2015-8325)
[openssh-7.2p2-ignore_PAM_with_UseLogin.patch]
- limit accepted password length (prevents possible DoS)
(bsc#992533, CVE-2016-6515)
[openssh-7.2p2-limit_password_length.patch]
- Prevent user enumeration through the timing of password
processing (bsc#989363, CVE-2016-6210)
[openssh-7.2p2-prevent_timing_user_enumeration.patch]
- Add auditing for PRNG re-seeding
[openssh-7.2p2-audit_seed_prng.patch]
2016-09-16 - pcerny@suse.com
- FIPS compatibility (no selfchecks, only crypto restrictions)
[openssh-7.2p2-fips.patch]
- PRNG re-seeding
[openssh-7.2p2-seed-prng.patch]
- preliminary version of GSSAPI KEX
[openssh-7.2p2-gssapi_key_exchange.patch]
2016-06-07 - pcerny@suse.com
- enable support for SSHv1 protocol and discourage its usage
(bsc#983307)
- enable DSA by default for backward compatibility and discourage
its usage (bsc#983784)

See Also

Package Description
openssh-askpass-gnome-7.2p2-11.3.1.x86_64.rpm A GNOME-Based Passphrase Dialog for OpenSSH
openssh-askpass-gnome-7.2p2-11.6.1.x86_64.rpm A GNOME-Based Passphrase Dialog for OpenSSH
openssh-askpass-gnome-7.2p2-9.1.x86_64.rpm A GNOME-Based Passphrase Dialog for OpenSSH
openssh-cavs-7.2p2-11.3.1.x86_64.rpm OpenSSH FIPS cryptomodule CAVS tests
openssh-cavs-7.2p2-11.6.1.x86_64.rpm OpenSSH FIPS cryptomodule CAVS tests
openssh-cavs-7.2p2-9.1.x86_64.rpm OpenSSH FIPS cryptomodule CAVS tests
openssh-fips-7.2p2-11.3.1.x86_64.rpm OpenSSH FIPS cryptomodule HMACs
openssh-fips-7.2p2-11.6.1.x86_64.rpm OpenSSH FIPS cryptomodule HMACs
openssh-fips-7.2p2-9.1.x86_64.rpm OpenSSH FIPS cryptomodule HMACs
openssh-helpers-7.2p2-11.3.1.x86_64.rpm OpenSSH AuthorizedKeysCommand helpers
openssh-helpers-7.2p2-11.6.1.x86_64.rpm OpenSSH AuthorizedKeysCommand helpers
openssh-helpers-7.2p2-9.1.x86_64.rpm OpenSSH AuthorizedKeysCommand helpers
openssl-1.0.2j-4.1.x86_64.rpm Secure Sockets and Transport Layer Security
openssl-1.0.2j-6.3.1.x86_64.rpm Secure Sockets and Transport Layer Security
openssl-1.0.2j-6.6.1.x86_64.rpm Secure Sockets and Transport Layer Security
Advertisement
Advertisement