[empty image] [empty image]
[empty image]
[empty image] [empty image] [empty image]
[empty image]

secure shell with
X.509 v3 certificate support
(archive 10.x-series)

Check the current version here!

21 May 2017 : Version x509-10.2
What's new:
  • android port
    Improve support for virtual user account, relocatable location of configuration, relax directory permissions and ignore login records.
  • skipped identities
    Add extra messages to debug reasons for skipping an identity (not allowed by configuration or not accepted by peer, if server announce supported algorithms in extension)
  • skipped identities
    Add extra messages to debug reasons for skipping an identity (not allowed by configuration or not accepted by peer, if server announce supported algorithms in extension)
  • work with broken "server-sig-algs" extension
    Server extension "server-sig-algs" was not implemented properly in OpenSSH 7.3 and 7.4. New version detect broken servers and replaces incorrect algorithm announcement with correct list.
    For instance OpenSSH 7.3 list only algorithms rsa-sha2-256 and rsa-sha2-512. As result PKIX-SSH functionality for "adaptive public key algorithm selection" in connection to OpenSSH 7.3 skips all other identities except those with RSA key.
  • [RFC6187] keys
    Now certificates sent for a identity encoded in [RFC6187] are used in verification process. This mean that there is no requirement client or server to keep intermediate certificates in X.509 store for [RFC6187] keys.

31 Mar 2017 : Version x509-10.1.1
What's new:
  • portability
    Functions "llabs" is not defined as library function in Android API before level 21 (v5.0, LOLLIPOP). It is replaced with local version to ensure binary compatibility with oldest API.
  • compatibility
    Some OpenSSL compatible libraries hide and do not export OpenSSL functions like UTF8_getc and UTF8_putc. To avoid build issue a local version is bundled. Note that this piece of code is under OpenSSL license. Also code is fixed to avoid implicit function declarations warnings.
  • FIPS in identification string
    If secsh daemon runs in FIPS mode it will send string "FIPS" in comment field of protocol identification string when the connection is established.

25 Mar 2017 : Version x509-10.1
What's new:
  • server extension "publickey-algorithms@roumenpetrov.info"
    Added experimental support for extension negotiation mechanism - client offer support of extension negotiation and server respond with list of supported public key algorithms within a custom extension "publickey-algorithms@roumenpetrov.info".
    This experimental functionality is basis for future PKIX-SSH versions to prefer [RFC6187] algorithms instead legacy one like x509v3-sign-rsa and x509v3-sign-dss.
  • extension "server-sig-algs"
    This extension is considered as limited variant of extension above, i.e. server supports only public key algorithms for which name of algorithm match name of signature. Note this is not the case for [RFC6187] algorithms. For compatibility reasons PKIX-SSH server offers "server-sig-algs" extension as well.
  • new server options AcceptedAlgorithms
    This pattern like global only option allows server to limit algorithms listed in extension "publickey-algorithms@roumenpetrov.info". By default all supported public key algorithms are announced.
    Note that this options adds additional restriction to options PubkeyAlgorithms and HostbasedAlgorithms that could be set conditionally per user and etc - see option Match.
    Indirectly option limit list send in "server-sig-algs" extension.
  • new RSA key algorithms
    This version supports new public key algorithms: rsa-sha2-256 (default) and rsa-sha2-512. Client and agent will use them only if server announce them in one of extensions mentioned above.
  • adaptive public key algorithm selection
    This is experimental technology based on server extension mentioned above. Adaptive selection is used in public authentication to the servers that announce supported public-key algorithms. Client with try to find match between those algorithms and announced by server taking into account client option PubkeyAlgorithms as well.
    For instance let an identity is a X.509 RSA certificate. Such identity could be used in "x509v3-sign-rsa", "x509v3-ssh-rsa", "rsa-sha2-256" and "rsa-sha2-512" or "ssh-rsa" public key algorithms. Let client option PubkeyAlgorithms is default one - '*'. Let server announce "ssh-rsa" then this algorithm will be used in public key authentication nevertheless where identity is stored - file system, or secure token (pkcs#11 module), or provided by ssh agent, or openssl loadable module (engine).
    Note if server does not send extensions you could set manually PubkeyAlgorithms per host to achieve similar functionality.
  • hostkey update and rotation
    Ensure working update and rotation of hostkeys in [RFC6187] formats. Feature could be requested by client with option UpdateHostKeys.
  • additional compatibility for [RFC6187]
    Added detection for other ssh products that implement EC [RFC6187] keys similar as PKIX-SSH before to be implemented properly in 10.0.
  • log launch in FIPS
    Now server write message that program is run FIPS mode on standard error instead system log. Client, agent and key generator output such message as well. On system with fipscheck, in addition to server and client, verification is added to agent and key generator programs.
    Note that you should move checksum files for system server(sshd) and client(ssh) from fipscheck directory ( /usr/lib{64,}/fipscheck) to directory of executable to allow PKIX-SSH and system secure shell to coexist.
  • OpenSSL versions
    No restrictions for OpenSSL version. PKIX-SSH supports builds with most recent (1.1.+, current) and ancient (0.9.7*) versions of OpenSSL cryptographic library build in different configurations like FIPS or Kerberos enabled.
  • prolong UsePrivilegeSeparation options
    Use of server options UsePrivilegeSeparation is useful in environments where server runs in user space.

25 Feb 2017 : Version x509-10.0
What's new:
  • true x509v3-ecdsa-sha2-* algorithms
    Versions before 10.0 incorrectly implement [RFC6187] - public key-blob does not include algorithm name and ecdsa signature blob is in ASN.1 opaque format.
    New release implement correctly EC X.509 public-key algorithms and supports backward compatibility with previous releases.
  • x509v3-ssh-*algorithms
    Support x509v3-ssh-rsa and x509v3-ssh-dss algorithms ([RFC6187]) in addition to x509v3-sign-rsa and x509v3-sign-dss.
    Note x509v3-sign-* are still preferred.
  • demon advertise PKIX-SSH release
    Secure shell sever advertise PKIX-SSH release version in connections and logs. Version number could be used to detect capabilities of secure shell server.
  • support VPN tunnel for Darwin's utun device
  • code cleanup
    Completely remove possibility to build without X.509 store.
    Rewrite many methods to use new library style API and mainly to take into account public-key algorithm name and compatibilities.

News archives:

[empty image]
[empty image] [empty image] Last modified : Saturday November 10, 2018 [empty image]