I-OpenSSH iwukuqaliswa okuphelele kwephrothokholi ye-SSH 2.0, ehlanganisa nokusekelwa kwe-SFTP.
Lokhu kukhishwa kufaka phakathi usekelo lweziqinisekisi zezingxenyekazi zekhompuyutha ze-FIDO/U2F. Amadivayisi e-FIDO manje asekelwa ngaphansi kwezinhlobo zokhiye ezintsha ze-"ecdsa-sk" kanye ne-"ed25519-sk", kanye nezitifiketi ezihambisanayo.
Lokhu kukhishwa kufaka phakathi izinguquko eziningi ezingase zithinte ezikhona
ukucupha:
- Isusa okuthi "ssh-rsa" ohlwini lwe-CASignatureAlgorithms. Manje, lapho usayina izitifiketi ezintsha, i-βrsa-sha2-512β izosetshenziswa ngokuzenzakalelayo;
- I-algorithm ye-diffie-hellman-group14-sha1 ikhishiwe kukho kokubili iklayenti neseva;
- Uma usebenzisa insiza ye-ps, isihloko senqubo ye-sshd manje sibonisa inombolo yokuxhumana ezama ukufakazela ubuqiniso kanye nemikhawulo elungiselelwe kusetshenziswa i-MaxStartups;
- Kwengezwe ifayela elisha elisebenzisekayo elithi ssh-sk-helper. Iklanyelwe ukuhlukanisa imitapo yolwazi ye-FIDO/U2F.
Kuphinde kwamenyezelwa ukuthi ukusekelwa kwe-algorithm ye-SHA-1 hashing kuzonqanyulwa maduze.
Source: linux.org.ru