Release Notes: This release added experimental sandboxing of network-facing code during the pre-authentication phase and SHA2-based HMAC modes for the SSH transport. sshd now sends logs from the privilege-separated process via a pipe, eliminating the need for /var/empty/dev/log. There were many more bugfixes and changes.
Release Notes: sshd now allows the enabling and disabling of authentication methods on a per user, group, host, and network basis via the Match directive in sshd_config. A number of non-security bugs were fixed, including a hang on exit for ttyful/login sessions.
Release Notes: This release features many bugfixes and several new features, including improved port forwarding by allowing specification of an address for forwards to bind to, optional hashing of host names added to known_hosts to improve privacy, options to manage known_hosts files to ssh-keygen, improved account and password expiry support, command history, and editing to sftp and improved session multiplexing.
Release Notes: Support for privilege separation was improved. ssh no longer needs to be installed setuid root for protocol version 2 host-based authentication. The server now supports the Compression option.
Release Notes: Support for an "sshd" user, a code cleanup, and PAM enhancements.
Release Notes: SSH protocol v2 is now the default protocol version. Support for Rekeying in protocol version 2 was added. Dynamic forwarding added (use ssh(1) as your socks server). ssh(1) now checks the hostkey for localhost (NoHostAuthenticationForLocalhost yes/no). Extended AllowUsers user@host syntax added to sshd(8). sshd(8) now transmits the correct exit status for remote execution with protocol version 2. ssh-keygen(1) can now import private RSA/DSA keys generated with the commercial version. ssh-keyscan(1) now supports protocol version 2.
Release Notes: Support for RSA pubkey, Agent forwarding, remote forwarding, and SFTP.