Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

4.208. openssh

Updated openssh packages that fix multiple bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server.

Bug Fixes

BZ#685060
Prior to this update, SELinux could prevent users from uploading new files to their home directories in a chrooted Secure File Transfer Protocol (SFTP) environment. This bug has been fixed and users are now able to upload and download files in chrooted environment using SFTP.
BZ#705397, BZ#728459
Prior to this update, multiple manual pages contained formatting errors. As a consequence, error messages or warnings could be displayed when viewing these manual pages. The formatting has been corrected and the error messages and warnings are no longer displayed.
BZ#708056
Previously, when the SSH_USE_STRONG_RNG environment variable was set to 1, openssh read 48 bytes from the /dev/random number generator to generate a seed. This seed was too long and caused long delays on ssh or sshd startup and when connections were received. Now, the SSH_USE_STRONG_RNG variable contains the number of bytes that should be pulled from /dev/random (with a minimum default value of six) and the delays no longer occur.
BZ#714554
Previously, when restarting the dovecot service, ssh could become unresponsive. With this update, the source code is modified and the dovecot service now restarts properly and without hanging.
BZ#729021
Prior to this update, the debuginfo file was missing in the debuginfo package. With this update, the debuginfo file is included in the package and users can now view all debug information.
BZ#731939
Previously, the lastlog command did not show the last login of a user with a big user ID on 32-bit architectures. With this update, the source code is modified so that the last login information is now always recorded.

Enhancement

BZ#695781
With this update, multiple manual pages now describe Internet Protocol version 6 (IPv6) usage.
All users of openssh are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.
Updated openssh packages that add one enhancement are now available for Red Hat Enterprise Linux 6.
OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server.

Enhancement

BZ#782367
Previously, OpenSSH could use the Advanced Encryption Standard New Instructions (AES-NI) instruction set only with the AES Cipher-block chaining (CBC) cipher. This update adds support for Counter (CTR) mode encryption in OpenSSH so the AES-NI instruction set can now be used efficiently also with the AES CTR cipher.
All users of openssh are advised to upgrade to these updated packages, which add this enhancement.