[ssh_x509] pkix-ssh release 8.2

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Sun Nov 23 22:37:01 EET 2014

Hello All,

ssh_x509 at roumenpetrov.info wrote:
> Hello,
> I have updated version that includes openssh 6.7, but I'm not sure 
> that I will prepare a release soon based on this.
> One of changes in openssh 6.7 is "major internal refactoring to begin 
> to make part of OpenSSH usable as a library". This is huge 
> modification and according to public records tests for buffered 
> interfaces fail on some platforms.
> Perhaps next PKIX-SSH version will include successor of openssh 6.7.

It seems to me many users would like to continue with TCP-wrappers and 
would like to use OpenSSL 0.9.8+. So I change may opinion and would like 
to announce new release.

- Version 8.2 includes OpenSSH 6.7p1
   OpenSSH 6.7p1 refactor key-related functions to be more library-like.
   Also OpenSSH 6.7p1 drop TCP-wrappers and adds requires at lest 
OpenSSL 0.9.8f to build.

- Minimum OpenSSL version - 0.9.7
   PKIX-SSH drop support for OpenSSL 0.9.6. It continue to support 
OpenSSL 0.9.7 and all 0.9.8 with wrapper functions for missing or buggy 
functionality. Note that engine functionality in OpenSSL 0.9.7 is not so 
stable and in some host configurations load of OpenSSL engines may fail.

- TCP-wrappers support
   PKIX-SSH continue to support TCP-wrappers.

- Support ECDSA X.509 keys in agent
   Unfortunately version 8.1 was released without support in agent. 
Version 8.2 correct this mistake.

- Portability fixes
   Correction is in regression tests to use more portable command 
    Also detection of "unix" netcat in multiplex tests is improved. Now 
tests pass on solaris.
    Note that netcat commands used in linux distributions does not 
fulfill yet requirement  of multiplex regression test.

Roumen Petrov

More information about the ssh_x509 mailing list