OpenSSH has launched version 7.0 of the software, aimed at combating\u00a0weak and unsafe cryptography.<\/p>\n
Specifically, support for SSH version 1 is now disabled by default at compile time, 1,024-bit diffie-hellman-group1-sha1 key exchange is disabled by default at run-time, and the legacy v00 certificate format has been removed.<\/p>\n
There have also been changes to the way OpenSSH treats the setting which allows logins without a password.<\/p>\n
The default for the PermitRootLogin<\/em> option has changed from \u201cyes\u201d to \u201cprohibit-password\u201d.<\/p>\n Setting PermitRootLogin<\/em> to without-password or prohibit-password now bans all interactive authentication methods, allowing only public-key, host-based, and Generic Security Services Application Program Interface authentication.<\/p>\n Previously, it allowed users to type in a password in addition to the password-less authentication options.<\/p>\n There is also a\u00a0plan to retire more legacy cryptography in the next release:<\/p>\n OpenSSH is an SSH protocol 2.0 implementation and\u00a0includes SFTP\u00a0client and server support. OpenSSH also includes\u00a0transitional support for the legacy SSH 1.3 and 1.5 protocols\u00a0that may be enabled at compile-time.<\/p>\n Windows PCs infected through big USB security flaw<\/strong><\/a><\/p>\n Cognition Holdings responds to security concerns<\/strong><\/a><\/p>\n Security flaw exposes faxes of some FaxEmail clients<\/strong><\/a><\/p>\n Super cellphone spying machine in SA used to rig government tenders<\/strong><\/a><\/p>\n\n
More security news<\/h3>\n