Releases: PowerShell/Win32-OpenSSH
v0.0.15.0
This is a pre-release (non-production ready)
Note: This release added security enhancements that might break existing configurations.
The changes ensure that permissions on OpenSSH file based resources (keys and configuration) would not allow any unauthorized access. UtilityScripts are included to help with fixing permission related issues.
For automated host side upgrades, it is recommended to run the following included utility to prevent possible lockouts due to broken sshd configuration:
FixHostFilePermissions.ps1 -Confirm:$false
Also includes the following bug fixes/enhancements:
- Added initial port of
ssh-keyscan.exe(#732) - Support for binary data over SSH stdin (#658)
- Removed unwanted
sshdservice account privileges (#726) - Improved WinSCP experience (#539)
- Fixed regression in
ssh-agent- rejecting key sign requests fromsshdservice. (#734) - Fixed issues in Docker scenarios (#666)
- Other misc issues listed here
v0.0.14.0
This is a pre-release (non-production ready)
Bug fixes
- Fix for key based authentication for Docker containers. (#677)
- Fix to
ssh-agentwhen thesshdis not installed. (#558) - Fixed a bug where
ssh-keygenwould not overwrite an existing file, even if the user confirmed. (#685) - Fixed a bug where read values in registry would report error. (#645)
- Fixed logging in
sshdbefore loading the private host key files. (#708) - Fixed
sshclient title. (#722) - Other misc issues listed here
Note on v0.0.13.0 release
You may have noticed that we pulled down the v0.0.13.0 release. With that release, we had an introduced a new requirement to securely ACL certain files.
That design proved somewhat premature, and before requiring everyone to re-ACL files across their environment, we decided to pull the release in order to get the design right. Expect a release in the near future that will require some kind re-ACL'ing (but not just yet). 👍
v0.0.12.0
This is a pre-release (non-production ready)
Includes:
- Fixes to several redirection related issues with ssh.exe and sftp.exe
- Following will now work
- ssh ... > out.txt
- $o = ssh ... (in Powershell)
- sftp -b .... > out.txt
- Following will now work
- Removal of ssh-lsa.dll. There is now no reboot restriction on setup.
and other misc issues listed here
Note
It seems that the key based authentication is not working for docker containers. For docker scenarios, continue using v0.0.11.0 until this issue is fixed.
v0.0.11.0
This is a pre-release (non-production ready)
Includes:
- Latest changes from OpenSSH main repo (synced to 7.5p1)
- Fix to Sshfs issue introduced in 0.0.9.0
- Support for ssh redirection in Powershell ($o = ssh ... )
- Install-sshd.ps1 support for Nano
and other misc issues listed here
NOTE - Breaking Change
- Due to a security issue that got fixed in this release, SSHD account now needs read access to "authorized_keys. Otherwise pubkey authentication will fail. Do the following:
$authorizedKeyPath = "c:\users\user\.ssh\authorized_keys"
$acl = get-acl $authorizedKeyPath
$ar = New-Object System.Security.AccessControl.FileSystemAccessRule("NT Service\sshd", "Read", "Allow")
$acl.SetAccessRule($ar)
Set-Acl $authorizedKeyPath $acl
v0.0.10.0
This is a pre-release (non-production ready)
Includes:
- Fix to remote commadline issue introduced in 0.0.9.0
- Various terminal related issues
Wiki added to help understand TTY/PTY implementation in Windows
List of closed issues here
v0.0.9.0
v0.0.8.0
v0.0.7.0
v0.0.6.0
_This is a pre-release (non-production ready)_
Includes fixes to regression in v0.0.5.0 and minor issues in scp and sftp.
v0.0.5.0
_This is a pre-release (non-production ready)_
Regression Alert - installation will be broken if installed in "Program Files"
This release integrates all the latest changes in OpenSSH-Portable master into Win32 port. As detailed in Project Status, all development is being done in https://github.com/PowerShell/openssh-portable. For any contributions, please submit pull requests to PowerShell/openssh-portable.
This release also includes general fixes to reliability issues in scp and sftp scenarios. Wild cards now work in sftp as well as Windows styled paths.
Note: Log files are now populated in a "logs" folder in bin root.
See other improvements here