OpenSSH 3.0 was released on 2001-11-06. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the OpenSSH community for their continued support and encouragement. Important Changes: ================== 1) SSH protocol v2 is now the default protocol version use the 'Protocol' option from ssh(1) and sshd(8) if you need to change this. 2) The files /etc/ssh_known_hosts2 ~/.ssh/known_hosts2 ~/.ssh/authorized_keys2 are now obsolete, you can use /etc/ssh_known_hosts ~/.ssh/known_hosts ~/.ssh/authorized_keys For backward compatibility ~/.ssh/authorized_keys2 will still used for authentication and hostkeys are still read from the known_hosts2. However, those deprecated files are considered 'readonly'. Future releases are likely not to read these files. 3) The CheckMail option in sshd_config is deprecated, as sshd(8) no longer checks for new mail. 4) X11 cookies are now stored in $HOME. New Features: ============= 1) Smartcard support in the ssh client and agent based on work by University of Michigan CITI (http://www.citi.umich.edu/projects/smartcard/). 2) support for Rekeying in protocol version 2 3) improved Kerberos support in protocol v1 (KerbIV and KerbV) 4) backward compatibility with older commercial SSH versions >= 2.0.10 5) getopt(3) is now used by all programs 6) dynamic forwarding (use ssh(1) as your socks server) 7) ClearAllForwardings in ssh(1) 8) ssh(1) now checks the hostkey for localhost (NoHostAuthenticationForLocalhost yes/no). 9) -F option in ssh(1) 10) ssh(1) now has a '-b bindaddress' option 11) scp(1) allows "scp /file localhost:/file" 12) The AuthorizedKeysFile option allows specification of alternative files that contain the public keys that can be used for user authentication (e.g. /etc/ssh_keys/%u, see sshd(8)) 13) extended AllowUsers user@host syntax in sshd(8) 14) improved challenge-response support (especially for systems supporting BSD_AUTH) 15) sshd(8) can specify time args as 1h, 2h30s etc. 16) sshd(8) transmits the correct exit status for remote execution with protocol version 2. 17) ssh-keygen(1) can import private RSA/DSA keys generated with the commercial version 18) ssh-keyscan(1) supports protocol version 2 OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller and Ben Lindstrom.