1323ec5712
Release notes are available at https://www.openssh.com/txt/release-8.9 Some highlights: * ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for restricting forwarding and use of keys added to ssh-agent(1) * ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default KEXAlgorithms list (after the ECDH methods but before the prime-group DH ones). The next release of OpenSSH is likely to make this key exchange the default method. * sshd(8), portable OpenSSH only: this release removes in-built support for MD5-hashed passwords. If you require these on your system then we recommend linking against libxcrypt or similar. Future deprecation notice ========================= A near-future release of OpenSSH will switch scp(1) from using the legacy scp/rcp protocol to using SFTP by default. Legacy scp/rcp performs wildcard expansion of remote filenames (e.g. "scp host:* .") through the remote shell. This has the side effect of requiring double quoting of shell meta-characters in file names included on scp(1) command-lines, otherwise they could be interpreted as shell commands on the remote side. MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation
19 lines
581 B
Bash
19 lines
581 B
Bash
# $OpenBSD: login-timeout.sh,v 1.10 2021/09/30 05:20:08 dtucker Exp $
|
|
# Placed in the Public Domain.
|
|
|
|
tid="connect after login grace timeout"
|
|
|
|
trace "test login grace time"
|
|
cp $OBJ/sshd_config $OBJ/sshd_config.orig
|
|
grep -vi LoginGraceTime $OBJ/sshd_config.orig > $OBJ/sshd_config
|
|
echo "LoginGraceTime 10s" >> $OBJ/sshd_config
|
|
echo "MaxStartups 1" >> $OBJ/sshd_config
|
|
start_sshd
|
|
|
|
(echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 &
|
|
sleep 15
|
|
${SSH} -F $OBJ/ssh_config somehost true
|
|
if [ $? -ne 0 ]; then
|
|
fail "ssh connect after login grace timeout failed"
|
|
fi
|