OpenSSH 7.5 Released, Legacy Crypto Functions Still Heading For Retirement

Written by Michael Larabel in BSD on 20 March 2017 at 11:23 AM EDT. 2 Comments
BSD
OpenSSH 7.5 has been released as the latest update to this widely-used open-source package.

OpenSSH 7.5 has many bug fixes, including some security fixes around a weakness in CBC padding and a sftp-client vulnerability on Cygwin. OpenSSH 7.5 also ships with a number of bug-fixes throughout its code.

More legacy cryptography functions remain planned for retirement in future releases including the dropping of remaining SSH v.1 protocol support, removing support for Blowfish and RC4 ciphers and RIPE-MD160 HMAC, and removing CBC ciphers from the default in the client. A future OpenSSH release will also refuse RSA keys smaller than 1024 bits.

More details on OpenSSH 7.5 via its release announcement.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week