OpenSSH 9.2 and 9.2p1: security fixes and other improvements were released this week, giving system administrators and users the latest in secure remote access protocols.
OpenSSH 9.2 and 9.2p1 have been released with three minor security fixes: the first is to address the pre-authentication double-free memory fault, which is not exactly exploitable because it happens in an unprivileged pre-auth process that is subject to chroot and is further sandboxed on most major platforms.
And the second is a security update that fixes a problem with the PermitRemoteOpen option. In earlier versions of OpenSSH, PermitRemoteOpen would ignore the first arguments unless you said “any” or “none” keywords which caused the permission list to fail.
The third security update resolves an issue related to the CanonicalizeHostname and CanonicalizePermittedCNAMEs options: if enabled, then the system/libc resolver didn’t check if the name in the DNS response was valid or not, and as a result, attackers can use “CanonicalizeHostname” and “CanonicalizePermittedCNAMEs” to modify known_hosts files where invalid characters can be written, but as per the official release, they say:
“These names would still have to match the CanonicalizePermittedCNAMEs allow-list, so practical exploitation appears unlikely.”
Some of the new features you will find include support for channel inactivity timeouts, which can be configured by adding “ChannelTimeout” to the configuration to set timeouts based on the flow of traffic. If there is no traffic for a certain period of time, the connection will be dropped automatically.
You can also set the “UnusedConnectionTimeout” option to end client connections after a certain amount of time if there are no open channels.
Aside from that, you can add the -V (version) option to sshd like the client has, add the “Host” line to the output to show the original hostname, and now you can use the -X options on both scp and sftp to control read and write requests during a download or upload.
You can also scan entire CIDR address ranges, support dynamic remote port forwarding in escape command-lines, and many other bug fixes, such as warning if no host key is provided, switching scp from pipes to socket-pair communication, and so on.
To download and use the latest portable version of OpenSSH from source files in Linux, you can follow the steps below instructions, where you will first download and extract the archive package, then compile it and install it on your system.
Download & Extract OpenSSH 9.2
$ wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2p1.tar.gz
$ tar xvf openssh-9.2p1.tar.gz
Change directory to openssh-9.2
$ cd openssh-9.2p1/
Run the following command to install
$ ./configure --prefix=/opt --sysconfdir=/etc/ssh
$ make install
If you want to know more about this release, you can check the official release notes.
A man with a tech effusive who has explored some of the amazing technology stuff and is exploring more. While moving towards, I had a chance to work on Android development, Linux, AWS, and DevOps with several open-source tools.