This release includes
-
Upstream changes from OpenSSH 8.6. Please note this release doesn't have FIDO support.
-
Breaking change
- SSH askpass requires
SSH_ASKPASS_REQUIREenvironment variable to be set as "prefer" (or) "force".
- SSH askpass requires
-
Security fixes
- For non en-us OS, enforce authorized keys for admin users are read from
$env:programdata\ssh\administrators_authorized_keys(#1757) - Ensure only admin users have access to modify the registry entries like DefaultShell (#1754)
- Use
$env:programdata\ssh\ssh_configonly if it has correct file permissions (non-admin users shouldn't have write permissions)
(#1753)
- For non en-us OS, enforce authorized keys for admin users are read from
-
Non-security fixes
- Allow
authorizedKeysCommandto work with the System user. Thanks to @bkatyl, @NoMoreFood. - Add moduli support.
- Allow support to configure the custom shell arguments.
- Allow SSH connection when the machine name is the same as the user name. Thanks to @oldium.
- For downlevel OS (win10 below), fix the scrolling issue after reaching the end of the screen.
- Write non-English characters to ETW / logfile.
- X11 related bugs . Thanks to @riverar.
- Fixes for various reliability issues listed here.
- Allow