Ladies and Gentlemen, OpenSSH is Locked, Loaded, and Landed

Nobody can deny that in computing, security is important. One of the most popular tools for Linux security — indeed, the Readers Choice winner for favorite security/system admin tool four years running — is SSH, and among the most popular implementations is OpenSSH. As of Monday, there is even more to love, as OpenSSH released version 5.1.

Included in this latest release are numerous new features, as well as a few security fixes. Among these are an experimental SSH Fingerprint utility intended to allow for visual detection of tampered SSH keys, support for CDIR matching in authorized_keys as well as "Match address" blocks, an increase in the default size of Protocol 1 ephemeral keys to 1024 bits, and new documentation of OpenSSH's differences (additions and departures) from published SSH protocols. Numerous other new features and bugfixes for both the general and portable offerings are available in the release announcement.

Downloads are available through various mirrors coordinated through the OpenSSH website, and will presumably become available through most distribution's normal repositories in the coming weeks. As always, bug reports are greatly appreciated; OpenSSH's problem reporting page has instructions for reporting general bugs, while security matters are requested directly to openssh @ openssh.com.

______________________

Justin Ryan is a Contributing Editor for Linux Journal.