Free Republic

Microsoft has quietly added beta versions of an SSH client and server to the next major update of Windows 10. The SSH client and server will allow admins and developers to securely connect to other systems without needing a third-party app like the popular PuTTY. Over the years we have seen Microsoft transform from a fairly closed company to one that embraces and supports open source software and standards. This move isn’t unexpected but is another step in that direction. With OpenSSH baked in, it becomes for developers to create secure connections between systems for transferring data and issuing commands....

Microsoft has published early source code for its OpenSSH-for-Windows port for developers to pick apart and improve. In a blog post on Monday, Steve Lee – the PowerShell team's principal software engineer manager – said Redmond has finished early work on a Windows port of OpenSSH 7.1, built in a joint-effort with remote-access developer NoMachine. "We will continue to partner with NoMachine on development in this public repository," Lee said. "Please note that this code is still very early and should be treated as a developer preview and is not supported for use in production." Microsoft said back in June...

Microsoft has finally decided to add support for SSH to PowerShell, allowing people to log into Windows systems and use software remotely over an encrypted connection. Users of Linux, the BSDs, and other operating systems, will know all about OpenSSH and its usefulness in connecting machines in a secure way to execute commands and transfer data. And soon Windows PowerShell – the command-line shell and scripting language – can be used over SSH, we're told. "The PowerShell team [will] adopt an industry-proven solution while providing tight integration with Windows; a solution that Microsoft will deliver in Windows while working closely...

CERT AdvisoryVulnerability Note VU#333628 OpenSSH contains a buffer management error Some versions of the OpenSSH server contain a buffer management error. While the full impact of this vulnerability is unclear, this may lead to memory corruption and a denial of service situation.

Trojan horse found in OpenSSH Several versions of OpenSSH contain a Trojan horse that can allow an attacker to take over a system running the free network connectivity software, the makers of OpenSSH warned in an advisory yesterday. OpenSSH is distributed for free by the OpenBSD project. The SSH protocol is widely used for secure remote terminal connections and file transfers between a client and a server running Unix and its derivatives. The Trojan horse was discovered in OpenSSH versions 3.2.2p1, 3.4p1 and 3.4. The compromised software was first made available on an official download server on July 30 or...

Critical hole found in encryption program A popular open-source program for encrypted communications has a serious flaw that could let Internet attackers slip into servers running the software, said its creators and a security company this week. The program, Open Secure Shell (OpenSSH), is included in many widely used operating system distributions, such as OpenBSD 3.0, OpenBSD 3.1 and FreeBSD-Current, all open-source variants of the Unix OS. Such operating systems appear on networking equipment and security appliances, among other things. The flaw affects versions 3.0 to 3.2.3 of the software, said Grant Slender, principal consultant for Australasia at network protection...