V8.9.0.0p1-Beta

This release includes

• Upstream changes from OpenSSH 8.9. Please note this release doesn't have ssh-agent restriction feature. This is tracked as part of #1902.

• Breaking change

  • This release disables RSA signatures using the SHA-1 hash algorithm by default. For more information, refer to "Potentially-incompatible changes" here.

• Security fixes

  • Validate the ACLs of $env:programdata\ssh folder, it's contents. This is not applicable for windows 10+ / windows server 2019+. For more information, refer to #1900

• Non-security fixes

  • FIDO/U2F hardware authenticators support to Win32-OpenSSH. Thanks to @martelletto, @akshayku.
  • PKCS11 support to ssh-agent. Thanks to @yan4321.
  • MSI installation package. Thanks to @tmeckel, @heaths.
  • Fixes for various reliability issues listed here.

V8.6.0.0p1-Beta

This release includes

• Upstream changes from OpenSSH 8.6. Please note this release doesn't have FIDO support.

• Breaking change

  • SSH askpass requires SSH_ASKPASS_REQUIRE environment variable to be set as "prefer" (or) "force".

• Security fixes

  • For non en-us OS, enforce authorized keys for admin users are read from $env:programdata\ssh\administrators_authorized_keys (#1757)
  • Ensure only admin users have access to modify the registry entries like DefaultShell (#1754)
  • Use $env:programdata\ssh\ssh_config only if it has correct file permissions (non-admin users shouldn't have write permissions)
    (#1753)

• Non-security fixes

  • Allow authorizedKeysCommand to work with the System user. Thanks to @bkatyl, @NoMoreFood.
  • Add moduli support.
  • Allow support to configure the custom shell arguments.
  • Allow SSH connection when the machine name is the same as the user name. Thanks to @oldium.
  • For downlevel OS (win10 below), fix the scrolling issue after reaching the end of the screen.
  • Write non-English characters to ETW / logfile.
  • X11 related bugs . Thanks to @riverar.
  • Fixes for various reliability issues listed here.

v8.1.0.0p1-Beta

This release includes

• Upstream changes from OpenSSH 8.1
• Added ZLIB compression
• Upgraded LibreSSL to version 2.9.2.1
• Added support for AuthorizedKeysCommand and AuthorizedPrincipalsCommand.
• Read the VTSequence using the console win32 APIs.
• Added support for windows long paths. Thanks to @NoMoreFood.
• Fixes for various reliability issues listed here.

v8.0.0.0p1-Beta

This is a pre-release (non-production ready)

This release includes

• Upstream changes from OpenSSH 8.0
• Support for PKCS providers
• Fixes for various reliability issues listed here. Many of these intricate issues were investigated and fixed by @NoMoreFood.

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v8.0.0.0

v7.9.0.0p1-Beta

This is a pre-release (non-production ready)

Note

• Default location of AuthorizedKeysFile for users in Administrators group is now
  %programdata%/ssh/administrators_authorized_keys. See here for help with permissions on this file.

This release includes

• Upstream changes from OpenSSH 7.8 and 7.9
• Kerberos support via GSSAPI by @NoMoreFood (#1295). Check here for usage.
• Rich command-line support for various shells including powershell, bash and cygwin (#1082 and #1211). Check here for usage.
• PTY support via conpty on Windows 10 for a richer xterm experience
• Fixes and enhancements to ssh-agent (#1263, PowerShell/openssh-portable#363)
• Fixes to enable auto-updating known_hosts via ssh and ssh-keygen (#1323)
• Fixes to other issues listed here

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v7.9.0.0

v7.7.2.0p1-Beta

This is a pre-release (non-production ready)

UPDATE -We have updated ssh-shellhost.exe binary (fix for #1222) in V7.7.2.0 payload on 8/4/2018.

This release includes

• Support for auto updating known_hosts via ssh and ssh-keygen
• Optimized group membership resolution that results in vast performance improvement in processing simple user/group configuration rules.
• Fixed descriptor leaks in win32 fstat implementation(#1209) by @cbookg
• Support for handling user resolution in absence of explicit UPN (#1213) by @NoMoreFood
• Various other fixes listed here

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v7.7.2.0

v7.7.1.0p1-Beta

This is a pre-release (non-production ready)

This release includes fixes for regressions introduced in v7.7.0.0.

Note

• If you configure a default shell, ensure that OpenSSH installation path is in system PATH. If not already present, amend system PATH and restart sshd service.
• Scp and Sftp are tested to work with Powershell and Cygwin's bash as default shells. There are still issues with WSL bash (manifest as hung sessions), we are working on investigating these.

List of all issues fixed - here

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v7.7.1.0

v7.7.0.0p1-Beta

This is a pre-release (non-production ready)

Regressions

• #1164 - scp and sftp won't work if OpenSSH is installed in "Program Files" or any directory with a white space.
  • Work around - install in a path with no white space - ex. c:\openssh
• #1165 - SCP fails when using bash as alternative shell

Note

• This release introduces new rules for specifying user/group based configuration rules for domain principals - these should now adhere to NameSamCompatible format. For more info refer sshd_config manual.

This release includes

• OpenSSH 7.7 changes from upstream.
• Normalized user/group principal resolution - by @NoMoreFood
• Improvements to support nested groups while processing group based configuration rules - by @NoMoreFood
• Chroot support for sftp (and scp via custom shell). See sshd_config manual
• Support sshd in interactive mode (for testing and trouble shooting)
• various other fixes listed here

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v7.7.0.0

v7.6.1.0p1-Beta

This is a pre-release (non-production ready)

Note:

• New Logging facility added (ETW). Check out Logging Facilities for options to switch to file based logging.
• Binaries and PS files are now digitally signed.
• Source code is no longer maintained in this repository, see below for tag in PowerShell/openssh-portable associated with the release

This release includes

• Enhancements to overcome prior limitations in concurrent sessions and forwarded connections - by @NoMoreFood
• Support for navigation via symlinks - by @NoMoreFood
• Fixes in POSIX compat layer - by @revngnr and @djsweet
• ETW logging
• Wild card support in scp
• various other fixes listed here

Source - https://github.com/PowerShell/openssh-portable/releases/tag/v7.6.1.0

v7.6.0.0p1-Beta

This is a pre-release (non-production ready)

Please note

• to avoid confusion with various internal versions, we have made a conscious decision to synchronize future releases with the base OpenSSH software version (currently at 7.6).
• to differentiate this fork from core OpenSSH portable, the software name reported on the wire is updated from OpenSSH to OpenSSH_for_Windows.

This release includes

• security enhancement - sshd unprivileged workers will now run in runtime generated unique security identities.
• support for ProxyCommand using stdio redirection
• fixes to regressions in previous release
• support to let applications break away from ssh session and run in background
• various other fixes listed here