Release Notes: This release added experimental sandboxing of network-facing code during the pre-authentication phase and SHA2-based HMAC modes for the SSH transport. sshd now sends logs from the privilege-separated process via a pipe, eliminating the need for /var/empty/dev/log. There were many more bugfixes and changes.
Release Notes: ECC support for kex exchange and public key authentication, SFTP hard link support, improved QoS/DSCP support, bandwidth limiting for SFTP, and more.
Release Notes: This is a major feature and bugfix release. Major changes include disabling SSH protocol 1 by default, removal of legacy OpenSC/libsectok smartcard support, addition of PKCS#11 support, introduction of a new certificate authentication method for users and hosts, revised session multiplexing code, many improvements to sftp from the Google Summer of Code 2009, and lots of bugfixes.
Release Notes: Many bugs were fixed. Performance and features were improved.
Release Notes: Execution of ~/.ssh/rc was disabled for sessions where a command has been forced by the sshd_config ForceCommand directive (unsafe default behavior). Chroot support for sshd was added. Internal sftp-server support was added to sshd, to allow chroot operation without support files. A "no-user-rc" option was added to ~/.ssh/authorized_keys to disable execution of ~/.ssh/rc in public key authentication. An sftp protocol extension, "email@example.com", was added to provide a rename operation with POSIX semantics.