|
13389 |
Support the "none" cipher |
wontfix |
22078 |
Starting ssh from inetd |
|
24559 |
Support the "none" cipher |
wontfix |
48057 |
scp -r follows symlinks |
fixed-upstream |
50517 |
ssh: Mysteriously fails |
|
52671 |
Support the "none" cipher |
wontfix |
54243 |
ssh: ssh shouldn't conflict with ssh2 |
|
54454 |
ssh: Drop-in compatibility with non-free ssh problems/issues |
|
61079 |
Would like slogin/ssh to *add* identity if agent is present. |
upstream |
62184 |
ssh: please add i18n to ssh :-) |
upstream |
63460 |
ssh calls pam_open_session in defferent process than setuid |
|
64346 |
sshd logs unknown usernames to syslog |
|
64388 |
root logins with {,s}hosts.equiv... |
|
64554 |
ssh: ssh doesn't respect /etc/securetty |
|
68908 |
manual page advice on shell vs. command for long-lived sessions? |
|
69601 |
ssh: protocol 2 incompatibility with F-Secure 2.0.10 |
|
70560 |
sshd ignores ListenAddress for X11Forwarding |
|
71494 |
New scp option: -L preserves symlinks |
patch, wontfix |
73611 |
sshd segfault if the pam_issue module is used |
|
74370 |
scp -P futile |
|
75250 |
ssh: syslogin_perform_logout: logout() returned an error |
|
75419 |
ssh: X11-Forwarding is buggy and crashes connections |
|
76056 |
scp: shoulf have a "force" option ala "cp -f" |
upstream, wontfix |
79795 |
ssh: the scp manpage doesn't say which parameter is the source and which is the target |
patch |
81619 |
ssh: ssh tcp port forwarding (other than X) doesn't work across socks firewalls |
|
81668 |
ssh: The authenticity of host 'hostname' can't be established [MAINTAINER SHOULD CLOSE] |
wontfix |
84008 |
please add long options |
upstream |
84010 |
scp: please consider adding a --target option |
|
84300 |
ssh: OpenSSH 2.3.0p1-1.11 requires 33 processes/user to open session |
|
85424 |
openssh should adopt /etc/ssh-nonfree on upgrade |
|
91378 |
ssh: ssh_config should contain UsePrivilegedPort |
|
93200 |
PermitEmptyPasswords seems to have no effect |
|
96709 |
X forwarding over ssh stopped working |
|
102743 |
ssh: ssh "waiting for forwarded connections to terminate" is delayed |
|
107793 |
SSH should make it simpler to check server keys |
|
109103 |
ssh: [bug compat] missing channel output with protocol 2 and 2.3.0p1 server |
|
109846 |
ssh: SSH uses PAM password authentication in SSH2 even if disabled in sshd_config |
|
110094 |
ssh-keygen takes 30mins to generate keys on fast m68k. Status indicator? |
|
111744 |
SSH 2.9p2-5 port-forwarded connection may fail to close cleanly |
|
113136 |
ssh: ssh does not display forwarded X11 connections it is wating on until done |
|
113608 |
scp: archive mode |
upstream, wontfix |
117318 |
ssh: Enabling IPv6 in sshd breaks IPv4 tunnels |
|
118615 |
ssh: ssh-add doesn't check validity of file |
|
122599 |
ssh: Listen on multiple ports when misconfigured / bad logging |
|
122602 |
ssh: Listen on multiple ports when misconfigured / bad logging |
|
123373 |
Resolver doesnt work properly |
|
125171 |
ssh: strange behavior with the HostbasedAuthentication opption in sshd_config |
moreinfo |
127426 |
ssh_config "Protocol (A),(B)" B is ignored if only one key in ~/.ssh/authorized_keys |
|
127656 |
OpenSSH strange behavior with an Configfile entry... |
moreinfo |
127835 |
ssh; Can't use RSA to login my machine anymore |
moreinfo |
129171 |
HAP-Patches for openssh |
|
129473 |
wish: option to make port forwarding failures non-critical |
|
130177 |
ssh: more information in return status |
|
130876 |
Sending server software version information should be optional |
patch |
131090 |
scp: please enable -f option to fork to background |
|
131600 |
ssh: connection locks up when exiting after su. |
|
132002 |
ssh: Problems connecting FreeBSD 4.5 (no password authentication mode is done) |
moreinfo |
133634 |
ssh: PAMAuthenticationViaKbdInt bypass PasswordAuthentication |
|
134192 |
ssh: scp could be smarter about remote files |
|
139505 |
ssh announces 'Debian' and package version in its banner. |
patch |
139579 |
ssh: PermitEmptyPasswords seems to have no effect |
|
140963 |
ssh should start if I launch /etc/init.d/ssh start |
patch |
149877 |
ssh: ssh shows you're running Debian |
patch |
151102 |
3.3 seems to fail on the aoutomounted nfs home directory. |
moreinfo |
151719 |
ssh: Clear text issues about PasswordAuthentication in sshd_config could be made clearer |
|
152250 |
ssh: Forwarding sets wrong display |
|
154645 |
ssh: ssh doesn't read /etc/hosts |
|
154899 |
ssh should provide rsh-client and rsh-server |
|
155669 |
ssh: SSH banner reveals too much information |
patch |
156447 |
sshd contains hardcoded path |
|
157138 |
ssh asks for pass phrase if identity file is not readable |
|
157705 |
ssh: scp man page lacks -f, nor --help |
upstream, wontfix |
163202 |
ssh: ssh with public key authentication seems paranoid about home dir permissions |
|
164866 |
ssh: scp a b c should fail if c does not exist |
|
166638 |
ssh-keygen -h could show more details |
patch |
167175 |
ssh: want line buffering |
|
170628 |
ssh freezes when used over slow connection (e.g. modem) |
|
172951 |
ssh: using [action=N] syntax in pam config breaks, but other apps handle it fine |
bookworm, bullseye, buster, jessie, sid, stretch, trixie, upstream |
173830 |
ssh: X11 forwarding configuration needs better documentation |
|
176214 |
ssh: man page not explicit about overwriting and -f |
upstream, wontfix |
176225 |
ssh: man page needs examples of source files and directories usage |
upstream |
183659 |
cvs: fails to terminate its ssh child |
|
183848 |
Too much information in OpenSSH line via telnet |
patch |
184250 |
ssh: export key id to environment, please! |
|
187105 |
ssh fails during long rsync file transfers with: Corrupted MAC on input. |
moreinfo |
187284 |
scp: copy from/to stdin/stdout |
upstream |
187558 |
ssh: non root users are unable to connect |
|
189425 |
PrivSep option doesn't work on GNU/Hurd (pending patch) |
moreinfo |
191015 |
ssh: Deprecated option "fallbacktorsh" |
|
196126 |
scp: bizarre new output format |
moreinfo, unreproducible |
197198 |
scp and sftp fail on large files |
|
199861 |
ssh: Deny/AllowUsers directive do not complain about ',' |
|
202534 |
ssh: XAUTHORITY not set for su. |
|
202868 |
ssh: ClientAlive not working |
|
203700 |
ssh: WIth many public keys provided by ssh-agent, connection fail |
|
204968 |
ssh: import/export audit according to CC |
upstream, wontfix |
207651 |
ssh: netstat reports wrong source IP and claims tcp6 |
|
208252 |
ssh 3.6 and pam_safeword.so.1 (incompatibility) |
|
211305 |
ssh: "Bad packet length" errors |
unreproducible |
211424 |
sftp ignores .ssh/config settings |
|
212480 |
openssh-server: GSSAPI support for multihomed hosts |
moreinfo, patch |
212518 |
"Add correct host key" message should say "delete the host key" instead |
upstream |
212787 |
sshd hangs on NIS account when using authorized_keys |
|
215784 |
scp: sitewide rate limit option |
upstream |
218098 |
libpam-modules: pam_nologin w/ openssh (handles /etc/nologin internally) |
|
219377 |
SSHd: Ignores Pam Lockout When using SSH PubKey Auth |
|
221849 |
ClientAliveInterval option emits error to screen |
|
221946 |
ssh and RFC 3041 |
|
222020 |
ssh_config(5): more detail on option arguments |
upstream |
222135 |
ssh: be case-insensitive to addresses in ssh_config |
|
222839 |
the ability to enable or disable "verbose" output while ssh is already running |
|
224405 |
sshd hang when problem allocating pty |
|
226349 |
ssh should not be started on upgrade if not running before |
|
227340 |
ssh: improve forced-commands-only documentation |
bookworm, bullseye, buster, jessie, sid, stretch, trixie |
228064 |
ssh: remote port forwarding (-R) binds always to localhost (ignores -g) |
|
234574 |
ssh-add: no support for different passphrase encodings |
|
236306 |
Segmentation fault during keyboard-interactive authentication in sshd |
|
237392 |
sshd priv. seperated process get in infinite loop on logout |
moreinfo |
237955 |
mysterious newline before shell prompt in remote login |
|
240506 |
New update breaks login with ldap |
|
242236 |
sshd eats 100% CPU after logout when X11 forwarding was used (UsePam related) |
|
243012 |
Confusing error message when the server closed the connection |
|
243832 |
ssh: connection closed after 10 minutes |
|
244924 |
ssh: scp only prints file modes and exits with status 1 |
bookworm, bullseye, buster, jessie, sid, stretch, trixie |
249558 |
would be nice for ssh to understand escapes in issue.net |
upstream, wontfix |
250311 |
ssh: pubkey auth fails between 3.8.1p1-3 and 3.4(woody) |
|
252649 |
sshd manpage unclear regarding permitopen, no-port-forwarding |
|
253743 |
/usr/bin/scp: scp foiled when input file grows during transfer |
wontfix |
254616 |
scp: -p should honour ACLs and filesystem attributes |
upstream, wontfix |
254909 |
/usr/bin/ssh: ssh -f needs a command?! |
|
258131 |
openssh: intermittant failure with GSSAPI authentication |
|
259780 |
ssh: ClientAliveInterval does not work together with -N |
|
265348 |
Segmentation fault in 'sshd' |
moreinfo, unreproducible |
265501 |
ssh: ProtocolKeepAlives is applied for host * even if defined for one host |
|
271714 |
ssh: enabling X11Forward yes fails mysteriously unless xauth is installed |
|
272653 |
ssh: option -l of scp (bandwidth limit) should apply to compressed data |
|
276455 |
ssh does not terminate on logout |
|
280610 |
ssh-agent man page insufficient for novices |
|
282339 |
single-purpose file transfer keys |
upstream |
283528 |
sshd is being started despite configuration setting |
fixed-in-experimental |
286844 |
sshd segmentation fault (sparc64) |
moreinfo |
289401 |
/usr/bin/scp: scp documentation: The -- flag is not documented |
upstream, wontfix |
289403 |
openssh: ssh documentation: No docs on -- flag. |
upstream, wontfix |
292932 |
openssh-server: The high-performance patch from PSC should be included as standard. |
patch, upstream, wontfix |
296231 |
cvs: symlink /usr/bin/rsh -> /etc/alternatives rsh missing |
|
296547 |
ssh: [CAN-2004-1653] default configuration for OpenSSH enables AllowTcpForwarding |
security |
296811 |
ssh: SSH hangs right after successful login |
|
297173 |
Please support name-based virtualhosting (yes, I know it's "impossible") |
|
298427 |
sshd on user-mode-linux segfaults with "UsePAM yes" |
|
299854 |
scp.1.gz: mention if -C as good as gzip manually |
|
300840 |
openssh-server: please consider setting ClientAliveInterval in the default config |
|
303168 |
ssh has poor -h|--help option parsing |
experimental |
307246 |
/usr/bin/ssh-add: ssh-add should update timeout |
|
307755 |
/usr/sbin/sshd: ssh: [manual] /etc/ssh/sshd_not_to_be_run is not documented |
|
309780 |
"ssh -N -X -A" doesn't set up X11 or agent forwarding |
|
310431 |
sshd_config should warn about GatewayPorts workaround |
|
311689 |
ssh-krb5: bad error reporting for ticket acquisition failure |
|
313044 |
/usr/bin/scp: scp: Atomic transfers? |
|
313045 |
/usr/bin/scp: scp: Avoid Text file busy error |
|
313317 |
openssh-server: PAM environment takes precedence over SendEnv |
l10n, patch |
313382 |
openssh-server: sshd re-exec requires execution with an absolute path |
|
314289 |
ssh: unable to login after upgrade to 4.1p1-3 (with some PAM configurations?) |
bookworm, bullseye, buster, jessie, sid, stretch, trixie |
314596 |
Cannot ssh OUT from host as non-root user |
|
314645 |
/usr/sbin/sshd: time delay of password check proves account existence to attackers |
moreinfo, security, unreproducible |
315040 |
openssh-server: Problem with pam_setcred() call |
|
316086 |
openssh-server: fails silently when -6 given but no IPv6 support in kernel |
|
317777 |
PAM modules relying on module-private data (pam_dhkeys, pam_krb5, AFS) fail |
|
318712 |
openssh-server: please include "tattle" and "never before seen" |
|
319244 |
openssh-server: Build the package with the OpenSSH LDAP public key patch (openssh-lpk) |
patch |
321523 |
ssh.1.gz: no password bootstrap example |
upstream |
321524 |
scp: a flag to create directories as needed |
upstream, wontfix |
321525 |
ssh: say who is doing the talking on escape responses |
upstream |
326027 |
ssh: sshd server does not encode banner in ISO-10646 |
l10n |
326209 |
openssh-client: ignore escape character (tilde) when text is pasted |
|
327358 |
ssh: can't handle more than 35 groups? |
|
327443 |
X Forwarding broken on IPv6 systems without X11UseLocalhost |
ipv6 |
331133 |
seems to get confused with certian /etc/hosts settings |
|
335531 |
openssh-client: Automatic connection caching broken after SIGKILL |
|
335962 |
openssh-client: Recursive loop on scp -r with symlink |
fixed-upstream |
336121 |
openssh: accept and send WINDOWID and TZ environment variables by default (PRINTER too ?) |
|
336539 |
`Tarpit' option? |
|
337484 |
openssh-client: ssh-add displays password with bad permissions on /dev/tty |
|
338325 |
ssh: client segv with gssapi |
|
341042 |
ssh: Slow Connections Due to Bogus IPv6 name resolution |
|
342137 |
openssh-server: Script on login never displays last window, other inconsistencies |
|
342154 |
ssh: Certain chars in password break logins |
|
342157 |
openssh-server: calls PAM auth and setcred in different contexts |
|
344020 |
ssh client segmentation fault (sparc64) |
|
350128 |
AllowUsers prevents showing IP in syslog rejection messages |
|
350208 |
sshd can't keep track of which DISPLAYs are in use |
|
350825 |
ssh --line-buffering |
|
350826 |
ssh.1.gz: users just want to copy key to login without passwd |
upstream |
351231 |
Ignore unknown options |
|
351440 |
scp unprepared for missing ":" |
upstream |
351489 |
openssh-client: fails to RSA authenticate between distinct remote hosts |
upstream |
352112 |
ssh_config.5.gz: double single quote marks |
|
352508 |
authorized_keys handling doesn't canonicalise IP address |
patch, upstream |
352518 |
extend authorized_keys command handling |
upstream |
352962 |
ssh: scp fails to copy to IPv6 addresses like ::ffff:ac10:0101 |
|
353303 |
High Speed Patch |
patch, upstream, wontfix |
354088 |
sshd: ctrl+C on ssh login creates defunct sshd processes |
|
354939 |
openssh-client: Customizable ssh password prompt |
|
355093 |
openssh-server: please allow ip/prefix notation in authorized_keys from clause |
upstream |
355694 |
scp: Terminal stops echoing characters after cancelling transfer at password stage |
|
360525 |
openssh-server: specified Port values ignored when additional ListenAddress enabled |
|
361663 |
openssh-server: accounts with empty password accessable after upgrade |
|
364634 |
ssh: Weird behavior with broken key |
|
365884 |
openssh-client: please offer the possibility to execute a shell command before initiating the connection |
patch, upstream, wontfix |
366096 |
ssh: Incompatible with lbxproxy |
|
367878 |
scp: manpage does not tell about what -B is doing |
|
367993 |
ssh: fails to show any error when start/stop as normal user fails |
|
368034 |
ssh: immediate failure of a child process doesn't cause an unsuccessful exit. |
|
369401 |
openssh-client: SenvEnv misses possibility to reset/override/disable previous settings |
|
379736 |
invalid reference to nc's proxy feature |
patch |
384530 |
openssh-client: Debug output uses DOS line endings |
|
387386 |
openssh-client: ssh-add(1) prints error message to stdout |
patch |
387669 |
forwarded connections disappear |
|
389011 |
scp: server side options not mentioned in manpage |
patch |
389338 |
openssh-server: Please add a service file for avahi |
|
390344 |
ssh-copy-id: Should specify that the remote command must be ran with /bin/sh |
patch |
391964 |
warn if client-requested locale not available on server? |
|
392428 |
ssh: OpenSSH Duplicated Block Remote Denial of Service Vulnerability (CVE-2006-4924) |
|
392856 |
openssh-server: Default locale ignored on ssh logins |
|
393704 |
interactive client dies on ill-timed SIGWINCH |
|
395535 |
openssh-server does not seem to care about libwrap |
|
397339 |
openssh-client: Drops SIGWINCH events when 'tail' is running |
|
398789 |
please make installable, even if no PRNG exists |
|
401535 |
please make installable, even if no PRNG exists |
|
403274 |
openssh-client: please document that ControlPath is subject to tilde expansion |
|
406137 |
ssh: upgrade causes etch dpkg to segv |
moreinfo |
406987 |
authorized_keys from="" syntax doesn't support multiple hosts |
|
407088 |
openssh-client: scp output alignment bug with UTF-8/multibyte sequences |
|
407866 |
ssh tries to access /dev/tty even with -T, and when no tty available |
|
408029 |
openssh-server: /etc/default/locale takes precedence over SendEnv |
l10n, patch |
409360 |
GSSAPI authentication is sometimes slow with Avahi |
|
413846 |
openssh-client: post-4.3p2-6 openssh gets kerberos-related hang (non-root only) |
|
414324 |
ssh client: poor handling of invalid known_hosts files |
|
415693 |
ssh hangs during fast dataflow |
|
415697 |
openssh-client: portforwarding with either -R or -L fails with module tun loaded |
|
417136 |
openssh-server: nothing logged for failed pubkey auth for valid users at default loglevel |
|
420452 |
/usr/bin/ssh-agent: -a option does not support filenames with spaces |
|
420454 |
openssh-client: Please include a LD_PRELOAD enabled ssh-agent wrapper |
patch |
420829 |
ssh-add: please check file type and test if it's actually a [private] key |
|
421993 |
fish + big archive ( + 2GB)= file nonconcluded |
|
422327 |
openssh-server: Fails to bind port for X11 forwarding, ipv4/ipv6 mess |
|
423855 |
openssh: tty modes not set or checked properly |
patch |
428632 |
openssh-client: please reject extra commandline arguments |
|
429645 |
ssh-add: man page is not clear about passphrase querying |
|
431731 |
Patch to add flexibility to ssh-copy-id |
patch |
436111 |
openssh-server: password-less login doesn't work for normal user under Hurd |
|
439058 |
GSSAPICleanupCredentials doesn't work for root |
|
440757 |
openssh-client: ssh-copy-id should use the actual key comment, not the key file name |
|
443056 |
openssh: ssh -w tunnel example |
|
445584 |
openssh-client: known_hosts searching not functional? |
|
446932 |
ssh -f should be able to comminicate the daemon's pid to its caller |
fixed-upstream |
447935 |
openssh-client: please provide a way for ssh-agent to send a notification when used |
|
448589 |
scp: Segfaults when recursivly transfering files from a La Fonera (running dropbear) |
moreinfo |
452035 |
openssh-server: sshd_config should have AllowUsers by default |
|
456811 |
wishlist: asymmetric compression |
|
458820 |
scp -v reveals undocumented -t |
patch |
459806 |
check arguments |
|
459807 |
include tun(4) |
|
465104 |
openssh-server: mention /etc/ssh/sshd_not_to_be_run in /etc/ssh/sshd_config |
|
468222 |
openssh: HPN 13v1 patch |
patch, upstream, wontfix |
471849 |
openssh-client: drops connections with "Corrupted MAC on input." errors when loads of data get transferred |
|
473137 |
scp: misleading error message when copying to a non-existent target directory |
|
475107 |
/usr/bin/ssh-keygen: -h generates key pair |
|
480266 |
option to create non-login shell over ControlMaster socket connections |
|
481235 |
HostKeyAlias does not work as expected |
|
481238 |
host key fingerprints in .ssh/config |
|
481251 |
support for .ssh/authorized_keys.d |
|
481278 |
openssh: Please provide server patched with LPK |
patch |
481860 |
openssh-server upgrade didn't remove all compromised keys from /etc/ssh |
security |
482025 |
openssh-client: Hashed keys by ssh-keyscan are not accepted by ssh client. |
|
482568 |
openssh-server: sshd disconnects client with exit 0 when symbolic links are met |
|
483663 |
openssh-client: quiet mode isn't quiet with -O |
patch, upstream |
483838 |
openssh-server: odd RSA key sizes fail cross-architecture |
|
486287 |
openssh-client: no progress bar shown when using scp remote to remote |
|
487484 |
[ssh-askpass-gnome] hangup mouse after 30 min. |
|
490175 |
openssh-client: ssh -X can remove :0 entry from .Xauthority |
|
491550 |
sshd does not log login attempts using invalid public keys |
|
492024 |
openssh-server: Doesn't support authorized_keys with user/role logins |
|
492447 |
ssh: (upstream) -o VisualHostKey suggestion |
upstream, wontfix |
492557 |
openssh-server discloses unnecessary information about the system in version string |
patch |
492781 |
ssh hangs after upgrades |
|
494311 |
openssh-server: Can no longer scp from D-I session running in VirtualBox VM on same machine |
|
496547 |
openssh-server: command in authorize_keys not executed |
|
496746 |
pubkey auth non-functional on testing? |
|
496914 |
Issue with current openssh-client and linuxlogo package display over the network. |
|
499131 |
ssh-copy-id: should accept more than a single server |
|
500121 |
openssh-server: Adjusted OOM killer is inherited by all child processes |
|
500192 |
openssh-server: support generation of ssh keys if none are present |
wontfix |
500568 |
improper IPv6 address matching for known_hosts |
bookworm, bullseye, buster, ipv6, jessie, sid, squeeze, stretch, trixie, wheezy |
503880 |
openssh bug 5.1p1-3: logs flooded with errors |
|
505293 |
openssh-server: sshd should AcceptEnv COLORFGBG |
patch |
505656 |
-O check option does not honour -q |
patch, upstream |
505657 |
PreCommand option to run a hook before session is set up |
upstream |
505995 |
openssh-server: openssh server fails on reboot |
|
507478 |
ssh-client: ssh-RSA-auth-keys larger than 4609 bits fail to authenticate. |
|
509028 |
openssh-client: ssh-keygen -l on known_hosts file does not display hostnames for lines with comments |
|
509229 |
openssh-client: ssh-agent man page describes wrong (and insecure) forwarding behavior |
patch |
509443 |
runtime control of maximum bandwidth |
|
510951 |
segfaults after PAM thread exits unexpectedly |
|
511120 |
openssh-client: VisualHostKey behaves inconsistend to normal fingerprint showing behaviour |
patch, upstream |
512209 |
Please don't touch sshd from interfaces-up |
|
513071 |
Regression: for some hosts etch can connect but lenny can't (password auth) |
|
513235 |
ssh tries the keys proposed by the agent before those passed with -i |
fixed-upstream |
514523 |
ListenAddress :: does not allow IPv4 connections |
|
514585 |
openssh-client: scp .bashrc fails |
|
516441 |
ssh: port forwarding broken? |
|
517641 |
ssh-copy-id: option to replace specified key with a newly created key |
|
519990 |
openssh-server: login with domain/user not working |
|
524329 |
openssh-server: regression - .Xauthority corrupted on systems with shared $HOME in Lenny |
|
525335 |
No way to reenable Nagle's algorithm (opposite of TCP_NODELAY) |
|
525435 |
X11 forwarding points $DISPLAY at reusable resource |
|
526904 |
/usr/bin/ssh: ssh fails to execure command on remote side. |
|
527288 |
openssh-client: Incorrect "Is a directory" error |
|
530507 |
sshfs hangs when trying to access /proc of another host |
|
531070 |
mention if decoding known_hosts is possible |
|
536464 |
ssh: remote host identification changed warning could be more helpful |
|
536772 |
openssh-client: often, "Read from remote host ????: Connection reset by peer" |
|
538197 |
openssh-client: [sftp] support multiple args: <command> <item> <item> ... |
|
538199 |
openssh-client: [sftp] add recursive option -r to command rm |
|
539412 |
ssh -oExitOnForwardFailure=yes -R... -f fails too late |
patch |
544334 |
openssh-client: Crazy design/processing of tun-related options and some flaw in man pages |
|
544469 |
ssh-askpass-gnome displays errors |
|
546923 |
openssh-server: no way to unset forcecommand |
|
550260 |
add reference to control master to environment of slave sessions |
|
553675 |
openssh-client: [ssh] Send --help to stdout, not stderr |
fixed-upstream |
556142 |
Move openssh-client recommendation of xauth to an X related package |
|
556648 |
openssh-server: internal-sftp is incompatable with SE Linux |
|
558171 |
openssh-client: some LC_LOCALE settings make ssh fail to open a shell |
|
558309 |
please incorporate nss patches from Fedora |
|
559869 |
openssh-server loses connectivity on high load after upgrade |
|
562432 |
ssh-keygen -r refuses to read keys in "known hosts" format |
|
563857 |
ssh: "-O exit" doesn't respect "-q" |
patch, upstream |
565390 |
/usr/bin/scp: don't ask for password multiple times when copying multiple files from the same server |
|
566831 |
sshd started after upgrade even if not running and disabled |
|
567708 |
openssh: FTPFS with heimdal < 1.3.0 |
patch |
568108 |
/usr/bin/ssh: Wrong characters accepted between UTF-8 server and UTF-8 client using Banner |
l10n |
568406 |
better instructions for remote host identification changed spoofing warning |
|
571606 |
openssh-client: ssh should write its name when outputting messages |
|
573317 |
openssh-client: ssh_config(5) man page correction ("For each parameter, the first...") |
|
573739 |
openssh-client: GSSAPIDelegateCredentials no longer works |
|
574035 |
openssh-server: sshd_config(5) should mention that the server needs xauth for X11 forwarding |
|
578422 |
openssh-client: allow display of bubblebabble fingerprint when connecting |
|
580919 |
During upgrade niceness of server-process is inherited from mother-process. |
|
583339 |
openssh-client: shared connection freezes until master is restarted |
|
587897 |
ssh-keygen -R doesn't report or document failure cases |
upstream |
590578 |
openssh-server: exits if ListenAddress is not available for binding |
|
594175 |
openssh-server: support generation of ssh host keys in init script |
|
594295 |
openssh-client: Please either support or ignore ControlPersist in stable, for compatibility |
|
594307 |
openssh-client: Cannot enable agent forwarding if persistent master connection exists with no forwarding |
upstream, wontfix |
595014 |
openssh-server: X11Forwarding does not work when net.ipv6.conf.all.disable_ipv6 = 1 |
|
595311 |
openssh-client: untrusted X11 forwarding broken |
|
596087 |
'Bad packet length' error when using ControlPersist in a 'ssh -W' ProxyCommand |
experimental |
598641 |
openssh-client: scp progress output formatting is incorrect |
|
599017 |
openssh-client: Global "User" setting in .ssh/config fails |
upstream |
599399 |
Incorrect effective groups when logging in with NIS and pubkey auth |
|
601864 |
openssh-server: Environment variable defaults in PAM act as overrides |
|
603778 |
safety catch to prevent accidental local copying |
|
607238 |
openssh-server: Unsupported option KerberosGetAFSToken |
|
607267 |
/usr/bin/scp: fails to notice close() errors |
squeeze-ignore |
607369 |
authorized_keys: key options on items preceding match key generates false log output |
|
607602 |
openssh-server: Bogus warning, "Authentication tried for XXX with correct key but not from a permitted host" |
fixed-upstream |
609546 |
possibel bug in sshd: pubkey auth does not more work if ${HOME} is NFS |
|
610044 |
openssh-server: SSH into OpenVZ container results in "error writing /proc/self/oom_adj: Operation not permitted" in /var/log/auth.log |
|
610590 |
openssh: support for host:port format |
|
610969 |
openssh-server: Make sftp transfer log work if /dev/log not writable for normal user |
|
611380 |
openssh-client: sftp's put -r fails with "Unable to canonicalise path" |
|
611392 |
sshd_config(5) could better describe Ciphers |
|
612413 |
openssh-server: Kerberos cred cache not cleaned up after failed authorisation by PAM |
|
612433 |
IPv4-specific port option |
ipv6 |
613578 |
error messages should make clear if they are talking about remote or local machine |
|
616369 |
/usr/bin/sftp: sftp interactive does not work correctly with multibyte charachters |
|
616610 |
openssh-client: ssh config does not like IPv6 link local address as hostname anymore (worked before today's update) |
bookworm, bullseye, buster, ipv6, jessie, sid, stretch, trixie |
617512 |
print warning about missing /usr/bin/xauth? |
|
618863 |
/usr/bin/ssh: insecurely verifies host key with VerifyHostKeyDNS option |
upstream |
619568 |
ssh: broken and unsufficiently-documented handling of "command" arg |
|
619760 |
openssh-server: sshd should honour TMPDIR to set up auth_sock_dir (forwarding) |
patch |
620457 |
Please move /tmp/ssh-XXXXXXXXXXXX directories to $XDG_RUNTIME_DIR |
fixed-upstream |
621044 |
ssh -i id_file doesn't use encrypted pubkey file |
|
623403 |
openssh-server: sshd doesn't kill spawned remote process |
|
623570 |
openssh-server: ssh -X user@server hangs after logout |
|
624248 |
openssh-server: allow %g (group) pattern in ChrootDirectory directive |
patch |
624425 |
openssh-server: strange segfaults in logs and posssibility of successfull remote command execution |
|
625662 |
sftp doesn't allow non-ASCII input |
|
626112 |
openssh-server: ssh doesn't log some failed authentications to auth.log anymore |
security |
626864 |
openssh-client: false claims of "something nasty" when using -o HostKeyAlgorithms |
|
627050 |
openssh-server: sftp server crashes |
wheezy |
628579 |
openssh-server: sshd duplicate syslog messages |
|
628690 |
openssh-server inherits oom_adj -17 upon start under specific conditions, causing DoS potential for oom_killer |
|
629853 |
openssh-server: sshd_config 'Match' specification's arguments are not terminated by beginning of next 'Match' block |
|
631708 |
openssh-server: ssh hangs on exit if X11 forwarding has been used |
|
638940 |
openssh-client: Regression from 5.5p1 to 5.8p1 - unable to connect to servers |
|
639330 |
openssh-server doesn't check if user's shell is listed in /etc/shells |
|
639376 |
ssh key exchange blocked by checkpoint firewall |
wheezy |
640416 |
openssh-client: Add ssh-update-key |
|
643606 |
ssh-keygen: `-V' relative end-times -- implementation doesn't match manpage |
|
644130 |
openssh-server: Sets DISPLAY to wrong value |
|
645788 |
openssh-server: /run on tmpfs breaks sshd started from inetd |
|
646596 |
/usr/sbin/sshd: ssh connection is broken with "Disconnecting: Bad packet length 3369506166" message |
|
650512 |
IPQoS not honoured |
fixed-upstream |
650521 |
QoS/DSCP names false translated to ToS hex value |
upstream |
650982 |
openssh-server: sftp server should not seek just after opening a file |
|
652539 |
Copy DSCP field from request to response packets |
upstream |
652622 |
openssh-server: Match block should allow PrintMotd and PrintLastlog |
patch, upstream |
655361 |
/usr/bin/ssh: Want option to forward Network Audio System traffic |
|
656434 |
Openssh compiled with heimdal as kerberos library |
|
659000 |
sshd logs spurious errors with publickey authentication |
fixed-upstream |
659289 |
openssh-client: ControlMaster not honored when Hostname refers to a previously defined machine |
|
660995 |
openssh-server: Better document the security implications of disabling GSSAPIStrictAcceptorCheck |
|
661585 |
openssh-client: ssh client no longer asks for key-file's password on command line |
|
664969 |
openssh-client: ssh sigsegv to Sun_SSH_1.1.1 server |
|
667671 |
ssh_config(5): can't break line, spaces at end of line, and after sentences in the manual |
patch |
667679 |
openssh-server: Multiple OpenSSH daemons setup with modified init script |
patch |
668195 |
openssh-server: Forwarded Kerberos ticket has the wrong filename |
|
670491 |
ssh: Virtual servers |
patch |
671367 |
openssh-server - AuthorizedKeysFile2 only gives deprecation warning |
|
672993 |
openssh-server: sshd should AcceptEnv EDITOR |
|
679783 |
openssh-client: scp - scp could also copy user/group |
upstream |
691444 |
make sure the warning also says how to add the key! |
|
693424 |
ssh: Please include HPN (high performance networking) patches for SSH |
patch, upstream, wontfix |
695466 |
/usr/bin/scp: scp misses scp -u for update |
|
695734 |
Log IP instead of hostname |
upstream |
698669 |
Access to escape functions with ControlPersist |
|
698756 |
openssh-client: please support --help |
upstream |
698794 |
openssh-client: Uses ECDSA but does not understand SSHFP records |
upstream |
699473 |
openssh-server has overly restrictive dependency on exact openssh-client version |
|
702708 |
openssh-client: ssh-agent aborts quietly when ssh-askpass is not installed |
|
704170 |
openssh-server: MITM attack warning should indicate old/new IPs |
|
706194 |
openssh-client: Does not respect $HOME |
|
708372 |
don't say "100%" until the file is really fully transmitted |
|
709493 |
openssh-client: [ssh-keygen] -r always gives same answer |
|
710755 |
openssh-server: LSB: Should-Start: network-manager |
|
710853 |
openssh-server: ssh server keys creation |
|
711215 |
openssh-client: ssh-copy-id improved |
patch |
712289 |
openssh-server: invalid user logging skipped if username is capitalized version of a valid name |
security |
712859 |
openssh-server: generate ssh-keys on demand if not avail |
|
713806 |
subsystems: hide informational logging warning |
|
714435 |
openssh-client: please support reattach to existing ssh-agent |
upstream |
720940 |
openssh-client: cannot bind to single IPv4 and single IPv6 address |
ipv6 |
725169 |
/etc/init.d/ssh: Init script doesn't check for root privileges |
patch |
726579 |
Missing IP address in log "fatal: no hostkey alg" |
|
726755 |
Please include High-performane-patch |
patch, upstream, wontfix |
728391 |
No diagnostic for missing private key file (!) |
|
730176 |
Increase MaxStartups to 20 |
|
732109 |
base: /etc/pam.d/sshd overides setting up LANG from a ssh sessions. |
l10n, patch, upstream, wontfix |
732954 |
openssh-client: error messages should contain the process name as usual |
|
732979 |
openssh-server Depends on openssh-client |
|
733573 |
ssh: Doesn't use the key from -i when using an agent. |
|
733661 |
ssh-keygen on authorized_keys file |
|
734174 |
openssh-server: SELinux errors in syslog |
|
741344 |
ssh-copy-id: Could not resolve hostname :: Name or service not known |
|
743203 |
Address canonicalization is suboptimal |
|
743624 |
openssh-client: CanonicalizeHostname and GSSAPIDelegateCredentials |
|
743972 |
openssh-client: ssh reprocesses configuration files even when CanonicalizeHostname is not set |
|
745778 |
openssh-server/permit-root-login should be honored for new installs too |
|
747096 |
openssh-client: key negotiation fails for mtu>1500 and Ciphers (options) > 3 |
|
747098 |
openssh-client: key negotiation fails for mtu>1500 and Ciphers (options) > 3 |
|
747303 |
openssh-server: Please move pam_selinux open call higher in the session PAM stack |
patch |
747743 |
systemd: After switching from sysvinit to systemd former disabled services are started |
|
748255 |
openssh-client: If VerifyHostKeyDNS is set, HostKeyAlgorithms should prefer algorithms with (comprehensible) SSHFP records |
|
753597 |
openssh-client: Cannot connect to hosts with 512-bit RSA key: RSA modulus too small |
|
754082 |
OpenSSH client: add X forwarding support for systems using pam_namespace.so |
patch |
754842 |
[openssh-client] weird output from ssh-add -D when used with ssh-agent-filter |
|
755983 |
openssh-client: Erroneous message using ssh-copy-id when you have PubkeyAuthentication = yes |
|
756930 |
ssh-add: display bad perm warning only if private key is owned by the same user |
|
759628 |
openssh-client: ssh ignores non-existent private key |
|
761600 |
sshd.pam: reads env variables from user file |
security |
763118 |
sshd(8): options field in authorized_keys is no longer detected by numbers |
|
763942 |
insufficient warning removal instructions |
|
764024 |
openssh-server: Allow sshd to reject GSS authentication for kerberos unless tickest are also delegated |
patch |
764608 |
patch for X11 forwarding when pam_namespace.so is used on SSH client |
patch |
764799 |
openssh-server: sshd segfaults after connecting from remote client |
|
765486 |
openssh-server: ssh server should start ealier on Debian to allow debugging hanging application startup |
|
765632 |
openssh-client: Debian shouldn't deviate in hardcoded default values, especially not ForwardX11Trusted |
security |
765655 |
openssh: please clarify documentations for GSSAPI's cascading credential feature |
patch, upstream |
766280 |
openssh-client: Failure to authenticate when PKCS11Provider is set and PKCS11Provider does not have an authorized key |
|
767320 |
openssh-server: doesn't start at boot |
|
768293 |
openssh-server: uname stanza missing from SSHD's MOTD |
|
769388 |
'PermitRootLogin without-password' in new installations breaks some use cases |
moreinfo |
771321 |
openssh-client: ssh-copy-id appears to hang when an existing control master is open |
|
774410 |
allow for the package-specific version banner to be suppressed for ssh client |
patch |
774411 |
allow for the package-specific version banner to be suppressed for ssh client |
patch |
774711 |
OpenSSH should use stronger crypto algo and parameters respectively disable others |
patch, security |
774793 |
OpenSSH should use stronger crypto algo and parameters respectively disable others |
patch, security |
776844 |
openssh-client: OpenSSH Client appears to try user's keys in wrong order |
|
777549 |
openssh-client: Setting KexAlgorithms disables GSSAPIKeyExchange |
|
778459 |
migration question for "PermitRootLogin without-password" should be skipped if "PasswordAuthentication no" is set |
|
779069 |
openssh-server: no way to disable unix domain socket/streamlocal forwarding from authorized_keys |
security |
780396 |
setting up a headless system |
moreinfo |
781107 |
ssh-keygen -F return code has changed and is not documented |
upstream |
781646 |
openssh-client: should chdir("/") with ControlPersist |
upstream |
782191 |
error message "Unable to connect to Upstart" on installation |
patch, pending |
783594 |
openssh-server: sshd -T does not show actual kexchange and ciphers |
|
784288 |
openssh-server: create hostkeys with $(hostname -f) as comment |
|
786987 |
openssh-server: please have DebianBanner default to no |
|
787002 |
openssh-client: Debian shouldn't deviate in hardcoded default values, especially not ForwardX11Trusted |
security |
789425 |
openssh-server: sshd does not start correctly after a system reboot; port set in sshd_config is ignored; default port is used |
|
790236 |
openssh-server: sshd segfaults afer many unsuccesfull login attempts |
|
790401 |
openssh: Please pass the XTERM_VERSION environment variable |
|
791638 |
openssh-server: Comment lines breaking configuration; 'match user' block being broken by comment lines |
|
792513 |
openssh-client: Please support using multiple CPUs/cores for ssh-keygen -T |
upstream |
793305 |
openssh-client: Sensitivity to extra whitespace characters in known_hosts file |
|
793975 |
IDN not usable |
|
794063 |
ssh with ControlMaster and ControlPath hangs on 2nd session in same terminal |
|
794568 |
OpenSSH server does not recognize principals option in authorized_keys file |
moreinfo |
795873 |
openssh-server: Please use a symlink to mask the LSB initscript instead of an alias in the .service file |
|
797703 |
openssh-client: ssh-copy-id hangs when connection sharing in effect |
|
799978 |
openssh-server: Starting sshd with option -i from systemd will refuse login with "Bad packet length" |
|
800464 |
openssh-client: SSH over VPN hangs on 'expecting SSH2_MSG_KEX_ECDH_REPLY' |
|
801150 |
PubkeyAuthentication not working when ~/.ssh/id_rsa.pub is present |
|
801173 |
ssh-agents kill each other |
|
801274 |
"ssh-agent -d command" not working |
|
801507 |
openssh-server: Logins to SSH are slow (not DNS) |
|
801530 |
openssh-client: Segfault on malformed keys - possible security impact |
security |
801664 |
openssh-client: "ssh-keygen -f ... -R" proposed when hostkey doesn't match is interpreted by shells |
patch |
803318 |
openssh-client: trusted X11 always on by default with -X, ssh_config -Y default misleading |
security |
803622 |
openssh: drop mention-ssh-keygen-on-keychange.patch |
|
804817 |
Manpage gives misleading information about "secure fingerprints" from DNS (SSHFP records) |
patch, upstream |
804818 |
Improved interplay between StrictHostKeyChecking and VerifyHostKeyDNS |
|
806427 |
ProxyCommand %h does not respect CanonicalizeHostname |
|
806938 |
openssh-client: after Ctrl-D, "packet_write_wait: Connection to UNKNOWN: Broken pipe" message |
|
807081 |
openssh-server: Does not set TCP_NODELAY on X11 forward |
|
810546 |
openssh-client: hostkey verification fails checking/matching HostKeyAlgorithm; misreports offending HostKey |
|
814018 |
say 'no such directory' instead of 'is a directory' |
|
821735 |
dynamic motd inconsistencies |
|
822058 |
also mention ssh-keygen -R IP_address |
|
822060 |
mention -R IP_address too |
|
824010 |
ssh-keyscan doesn't record port specified with -p in its output |
|
827429 |
openssh in jessie might leak info regarding validity of usernames |
|
833263 |
openssh-server: SIGPIPE ignored/blocked differs between upgraded and fresh jessie system |
|
833823 |
CVE-2016-6515: CPU consumption via auth_password |
fixed-upstream, security, upstream |
841237 |
openssh-server: option to let openssh/sftp force the exact permissions on newly uploaded files |
|
841531 |
openssh-client: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 |
|
841782 |
openssh-client: SSH disconnects after 10 seconds (or less) |
|
841982 |
ssh: Allow StrictModes inside a Match User block |
|
845042 |
openssh-server: Generates invalid ecdsa host keys |
|
845222 |
openssh-client: ssh-copy-id creates ~/.ssh with wrong permissions |
moreinfo, unreproducible |
846165 |
.../.ssh/config line 127: Bad protocol spec '1'. |
|
846166 |
.../.ssh/config line 127: Bad protocol spec '1'. |
|
846379 |
Problem with reverse tunnel between SSH client 5.5p1 and SSH server > 6.4p1 |
upstream |
848110 |
openssh-server: Please add a note in the sshd_config file that UsePAM must be set to yes with systemd/logind |
|
850323 |
openssh-client: ssh-agent x-session-manager does not restart when you log out of Gnome3 and log back in again |
|
852400 |
openssh-server: Strategy used for HostKey options in sshd_config |
|
858225 |
[openssh] does not unlink unix sockets on close |
|
858404 |
openssh-client: bit rate transferring is not respected at the beggining of the transferring |
|
858646 |
openssh-client: security update of ssh-copy-id breaks previous behaviour by searching for matching private key |
upstream |
858874 |
openssh-server: gssapi-keyex userauth fails with privsep and AuthenticationMethods both configured |
|
859270 |
OpenSSH should make it possible to explicitly chose public (long-lived) IPv6 address over temporary (anti-tracking) IPv6 address |
|
860410 |
openssh-server: sshd needs more RAM than before and limits.conf applies to it |
|
861078 |
/usr/bin/ssh: Unsupported option "compressionlevel" |
|
862316 |
please help avoiding config file conflicts on updates |
|
864920 |
openssh-client: please make FingerprintHash support an "all" option |
|
865854 |
/usr/bin/ssh-add: ssh-add does not add Ed25519 keys to agent |
|
866675 |
ssh does not follow the order of specific identity files in /etc/ssh/ssh_config despite IdentitiesOnly being set |
|
866811 |
[ssh/sftp] |
|
867033 |
Openssh Server causes Server Hang |
|
868009 |
Immediate disconnect after successful authentication when "UsePrivilegeSeparation sandbox" is used |
|
868149 |
openssh-server: clean up legacy ssh-session-cleanup.service |
|
869371 |
openssh-server: reports failure creating ECDSA key during initial configuration |
|
869671 |
openssh-server: sshd doesn't restart (fail) on temporary problem |
|
869787 |
Please let me ssh-add a group-writeable private key file |
|
869903 |
regression: putting an hostname in authorized_keys from="" field does not work anymore in stretch |
|
870407 |
Option to reset terminal after ~. escape |
|
875979 |
openssh-client: Please ship /usr/bin/scp in its own binary package |
|
877020 |
openssh-client: Fails to unlink ControlMaster socket early enough, confuses other clients |
|
879969 |
ssh-keygen confused by ssh1 keys in known_hosts |
|
881594 |
openssh-sftp-server: sftp subsystem is installed in the wrong directory |
|
884096 |
openssh-client: "Too many authentication failures" with the 7th identity |
|
884624 |
openssh-server: serice fails with invalid argument to Match Address in sshd_config |
|
896145 |
Wrong DNS resolving for SSHFP lookup |
|
903603 |
ssh upgrade breaks in some openvz container |
|
904392 |
openssh-client: The ssh client doesn't reset working directory when it daemonizes itself |
|
907503 |
openssh: CVE-2018-15919: user enumeration via auth2-gss.c |
security, upstream |
908113 |
openssh-client: When I try to connect to a remote SSH server I got broken-pipe error |
upstream |
908195 |
openssh-server: agent forwarding broken in incoming ssh connections |
|
908556 |
IPQoS change in 7.8p1 broke network access via Palo Alto Networks Global Protect |
|
908839 |
Some of my stretch ssh clients can no longer negotiate chacha20-poly1305 |
|
910406 |
ssh-add: ignores IdentityAgent configuration value |
|
911758 |
ssh-add doesn't recognize PKCS#11 URL |
|
911974 |
openssh-client: please avoid shipping setuid ssh-keysign by default |
|
912569 |
openssh-client: openssh 7.8p1-1 and higher fail to connect to any host, "packet_write_wait: Broken pipe" |
|
912616 |
openssh-server: sshd waits for "kernel: random: crng init done" |
|
913981 |
sshd reported startup time > 30s |
|
919047 |
ssh_config: allow tokens for IdentityFile keyword |
|
919271 |
base-files: Provide easy access to motd |
|
922205 |
openssh-client: scp regression: CVE-2019-6111 fix breaks syntax to overwrite target directory permissions |
|
923286 |
scp: 'protocol error: filename does not match request' even though it does match |
|
927884 |
openssh-server: Fails to restart ssh service after upgrade |
|
929681 |
openssh: port forwarding (-L option) stopped working |
|
929684 |
agent forwarding should be disabled by default |
|
931187 |
motd not shown on multiplexed connections |
|
931272 |
openssh-server: incoming connections fail if openssl's afalg engine is enabled |
|
931631 |
Wrong dependency on virtual logind packages |
|
932089 |
openssh-server: Cannot log into openssh-server on buster/mipsel |
|
932281 |
/usr/bin/ssh: slogin and ssh behave different at starting remote mathematica session |
|
932312 |
openssh-client: ssh client issues, e.g. client_loop: send disconnect: Broken pipe |
|
932439 |
openssh-server: sshd does not work after reboot: lack of system entropy |
|
933556 |
openssh-server ppc64el: ssh_dispatch_run_fatal: incorrect signature |
|
935920 |
Upgrade from stretch to buster removes /etc/network/if-up.d/ |
|
939976 |
After unattended Upgrade of openssh-server from Release 1:7.4p1-10+deb9u6 to 1:7.4p1-10+deb9u7 no more Public Key Auth if 8K key is used |
stretch |
941443 |
openssh-client: Causes terminal corruption by disabling XON/XOFF unconditionally |
fixed-upstream |
942100 |
openssh-server: /etc/ssh/sshd_config unconditionally overwritten by update |
|
942890 |
openssh-server: daemon slow to start |
|
945879 |
openssh-server: cgroup leftovers with socket activation when key exchange fails |
|
945916 |
Need to install openssh-server to read documentation of ~/.ssh/known_hosts |
|
946180 |
openssh-server: Occasionally missing privilege separation directory with ssh.socket |
|
946970 |
scp of large files breaks with kernel 5.4.x |
|
953035 |
openssh-client: SIGABRT with âcorrupted size vs. prev_sizeâ |
|
953080 |
create and store ssh private host keys in tpm? |
|
954965 |
/etc/ssh/ssh_config: ssh_config: Include custom config files at the end, so they can overwrite the default settings |
|
958240 |
/usr/bin/ssh: ssh client should process arguments in the command line order |
|
959206 |
sshd: kex_exchange_identification failures are logged as error |
|
960023 |
SSHFP stops working with libc6 2.31 [AD bit stripped] |
|
961311 |
ssh-agent.service: cannot work without x11-common installed |
|
963202 |
ssh: ExitOnForwardFailure and X forwarding |
|
964580 |
openssh-server: ordering of /etc/pam.d/sshd inconsistent with e.g. /etc/pam.d/login |
|
965132 |
openssh-server: add ssh@.socket |
patch |
968994 |
openssh-server: sshd disconnect the connection attempts sometimes |
|
972091 |
openssh-client: ssh -o KbdInteractiveAuthentication=no gets ignored |
|
975104 |
openssh-client: ssh cannot be interrupted at "debug1: pledge: network" |
|
976864 |
openssh-client: fails to parse quoted setting tokens |
|
977971 |
openssh-client: ssh-keygen fails to create ed25519-sk |
|
979868 |
/usr/share/man/man1/ssh.1.gz: ssh(1) doesn't document -D supporting named Unix sockets |
patch, upstream |
980393 |
/usr/bin/ssh-keygen: -t ecdsa-sk fails with "Key enrollment failed: invalid format" |
|
982950 |
ssh.service starts sshd before network is online: please switch to After=network-online.target instead of just After=network.target |
|
984876 |
openssh-server: logs unsightly errors from pam_env due to missing /etc/default/locale |
|
986303 |
openssh-client: tries to place known_hosts in parent directory when .ssh is a symlink |
|
986761 |
openssh fails to start when using ListenAddress and systemd-network |
|
987849 |
ssh: misleading "invalid format" message about public key when using private key |
|
987860 |
openssh-server: homedir not updated |
|
987916 |
openssh: Segfault or malloc_consolidate(): invalid chunk size + Aborted with GSSAPITrustDns yes |
|
988258 |
/usr/bin/scp: Use power of two units in scp progress speed |
upstream |
989276 |
openssh-server: unhelpful error message when fail to reverse look up client IP during HostbasedAuthentication because UseDNS is off |
upstream |
989277 |
openssh-client: Always sends the short hostname for HostbasedAuthentication |
|
989906 |
openssh-server: With GSSAPIKeyExchage "yes" openssh presents poor quality key exchange methods |
|
990882 |
openssh-server: With ipv6 ssh-client fail as well as scp getting expecting SSH2_MSG_KEX_ECDH_REPLY |
ipv6 |
991936 |
openssh-server: seccomp filter defaults to SIGSYS, could break any libc or kernel upgrade |
upstream |
992310 |
openssh-server: debian10/11: ssh from ipv6 address not in /etc/hosts.allow = sshd segfault |
|
993070 |
Missing privilege separation directory: /run/sshd |
|
993459 |
openssh-server: sshd's PAM configuration doesn't set $MAIL |
|
994001 |
openssh-server: Almost locked out due #990456 |
|
994970 |
SSHD stops to work randomly |
|
998619 |
openssh-server: server-sig-algs |
|
998834 |
Multiple subsystem options in sshd_config prevent sshd from starting |
patch |
1000198 |
openssh-server: insecure algorithms reported by ssh-audit |
security |
1000321 |
openssh-server: HostKeyAlgorithms sk-ssh-ed25519@openssh.com ignored by server |
|
1000621 |
/etc/ssh/sshd_config options: ClientAliveInterval and ClientAliveCountMax not working |
|
1000626 |
openssh-server: missing dependency setting |
|
1001834 |
openssh-client: scp 1:8.7p1-2 timeouts when connecting to non LAN machines |
|
1002691 |
openssh-client: ssh-agent doesn't get autostarted under wayland |
|
1002710 |
openssh-server: Include directive in stock /etc/ssh/sshd_config does not play well with Match directives |
|
1003244 |
openssh-client: ssh_config manpage has conflicting information about Debian-specific changes to defaults |
|
1006171 |
Make internal-sftp the default |
|
1009649 |
libc upgrade caused connection failure after "ssh debug1: expecting" SSH2_MSG_KEX_ECDH_REPLY |
|
1010982 |
openssh-client: Unable to negotiate with [IP Address] port [Port #]: no matching host key type found. |
|
1011292 |
openssh-client: scp -O should be doable with a configuration file entry (in ~/.ssh/config) |
upstream |
1014359 |
openssh-server: DisableForwarding does not override AllowAgentForwarding and X11Forwarding |
|
1019426 |
openssh-client: ssh-agent can leave zombie ssh-pkcs11-help |
|
1024568 |
openssh-client: ignores $HOME environment variable |
upstream |
1024592 |
systemd configuration for inetd mode is broken in 1:9.1p1-1 |
|
1025533 |
New systemd socket activation breaks existing setups |
|
1027000 |
openssh-server: sshd(8) man page: LOGIN PROCESS section is incomplete and misleading |
|
1035754 |
openssh-server: PermitEmptyPasswords=yes causes login to take 2-4s by enabling PAM password check |
|
1036264 |
Key usage prompt doesn't show up on X |
|
1038150 |
openssh-client: Please add the openssh-client group rename from "ssh" to "_ssh" to the bookworm release notes |
|
1039866 |
openssh-server: bookworm config enforces outdated extern sftp-server, unable to override |
|
1039919 |
Please consider the ssh-agent socket activation patch |
fixed-upstream, patch |
1040311 |
openssh: ssh-keygen -C '' creates trailing whitespace in pubkeys |
|
1042801 |
Enhancement request to "AcceptEnv TZ" in /usr/share/openssh/sshd_config file |
|
1051710 |
Cannot use Ctrl-C to interrupt remote command with ControlMaster=auto |
|
1053737 |
/usr/bin/ssh-keygen: ssh-keygen -R: "invalid line" errors |
|
1053746 |
openssh-server: Upgrade from 1:9.2p1-2 to 1:9.2p1-2+deb12u1 disabled GSSAPIAuthentication |
|
1053822 |
openssh-client: consider patch for allow GSSAPI to use default ccache or unique |
|
1058899 |
openssh-client: ssh-copy-id should warn on command= when copying pub key |
upstream |
1059393 |
openssh: CVE-2023-51767 |
security, upstream |
1059942 |
ssh-agent started in KDE session via systemd user sesson doesn't work without restart |
|
1062930 |
openssh-client: ssh fails with "Connection corrupted" error when connecting to Oracle Linux systems |
|
1063842 |
openssh-server: Binding to a static IPv6 address causes sshd to fail at bootup |
ipv6 |
1064347 |
openssh-server: sshd crashes under heavy traffic |
|
1068162 |
Please consider adding MP-TCP support |
wontfix |
1068416 |
ssh-agent: improve systemd user session integration |
fixed-upstream, patch |
1069236 |
openssh-server: X over ssh fails with "cannot open display" |
|
1069674 |
openssh-client: multiplexed connections use incorrect DISPLAY etc, but no TOKENS exist to modify the connection socket |
|
1069849 |
publickey auth does not work when GSSAPI is also used |
|
1070098 |
openssh-sftp-server: False dependency on openssh-client |
|
1071292 |
openssh-server: sshd fails to restart at package upgrade, future logins to server impossible |
|
1072184 |
openssh-server: Please stop writing /var/log/btmp |
|
1072221 |
secure_permission from user-group-modes.patch does not account for symlinks installed by systemd |
|
1073000 |
ssh-askpass-gnome: No longer visually prompted to touch security key after upgrading to Bookworm |
|
1074324 |
openssh-client: double entry of "GSSAPIAuthentication" in /etc/ssh/ssh_config" |
|
1074766 |
openssh-server: upgrading to openssh-server (1:9.2p1-2+deb12u3) resets /etc/ssh/sshd_config file without any prompt |
|
1074768 |
openssh-server: Upgrading to openssh-server (1:9.2p1-2+deb12u3) overwrites /etc/ssh/sshd_config without prompt |
|
1076123 |
new upstream 9.8 for experimental, please? |
|
1077554 |
/usr/sbin/sshd: ssh server ChrootDirectory %h does not honor mount -o noexec |
upstream |
1077923 |
openssh-server: Every few seconds the connection pauses for ~ 5 seconds |
|
1080350 |
openssh-server: refuses further connections after having handled PerSourceMaxStartups connections |
|
1082496 |
keep sshd running as long as possible |
|
1087644 |
openssh-server: no tty associated with login session |
fixed-upstream |