OpenSSH 5.6 arrives

The OpenSSH development team has announced the arrival of version 5.6 / 5.6p1 of its open source SSH (Secure Shell) implementation. According to the developers, the latest release of the free SSH connectivity tools include a number of bug fixes and several new features.

OpenSSH 5.6 features support for indirection in matching of principal names in sshd, a revised format for certificate keys and the addition of a ControlPersist option to ssh_config, automatically starting a background ssh multiplex master when connecting. Other changes include additional sshd_config options (AuthorizedKeysFile, AuthorizedPrincipalsFile, HostbasedUsesNameFromPacketOnly, PermitTunnel) inside Match blocks and support for signing a certificate using a CA key stored in a PKCS#11 token has been added to ssh-keygen(1). The developers also note that hostbased authentication may now use certificate host keys, adding that CA keys must be specified in a known_hosts file using the @cert-authority marker.

Further information about the release, including all of its new features and changes, can be found in the release notes. OpenSSH is licensed under a BSD licence and is funded through donations. As the projects home page points out, despite being extensively used by a number of major companies none of them have made a donation.

See also:

• Announce: OpenSSH 5.6 released, an OpenSSH release announcement.
• OpenSSH 5.5 brings minor improvements, a report from The H.

(crve)