[Package Request] - update OpenSSH / sshd: current version 8 to major version 9 - at least to 9.8 #894
Labels
Comments
|
To set expectations here, we are very unlikely to bump OpenSSH due to the requirement of getting it FIPS validated. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What package is missing from Amazon Linux 2023? Please describe and include package name.
openssh/sshdIs this an update to existing package or new package request?
Update/Upgrade to an existing package.
What is the version of this package right now?
Today, it's version:
OpenSSH_8.7p1, OpenSSL 3.0.8 7 Feb 2023Any additional information you'd like to include. (use-cases, etc)
I guess, it's just one example/use-case: We like to benefit from the PerSourcePenalties feature in OpenSSH 9.8 ff. This new option is exciting because for the first time it lets us block only rapidly repeating SSH sources that fail to authenticate. You can check via the following links for PerSourcePenalties configuration setting and its defaults, and also see PerSourcePenaltyExemptList and PerSourceNetBlockSize. With OpenSSH 8.7 we are not able to use this feature yet - We still need to maintain local rules based on ip-tables to implement an 'authfail' penalty duration.
The text was updated successfully, but these errors were encountered: