OpenSSH is a complete implementation of the SSH 2.0 protocol, which also includes support for SFTP.
This release includes support for FIDO/U2F hardware untifiers. FIDO devices are now supported under the new key types "ecdsa-sk" and "ed25519-sk", along with the corresponding certificates.
This release includes a number of changes that may affect existing
configurations:
- Removing "ssh-rsa" from CASignatureAlgorithms lists. Now, when signing new certificates, "rsa-sha2-512" will be used by default;
- Removed diffie-hellman-group14-sha1 algorithm for both client and server;
- When using the ps utility, the sshd process header now displays the number of connections trying to authenticate and the limits configured with MaxStartups;
- Added new executable ssh-sk-helper. It is designed to isolate FIDO/U2F libraries.
It was also announced that support for the SHA-1 hashing algorithm will soon be discontinued.
Source: linux.org.ru