Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Ssh still 7.2 vs 7.5?

    2.4 Development Snapshots
    3
    5
    890
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpoz
      johnpoz LAYER 8 Global Moderator last edited by

      So there was some traffic in another thread related to ssh.  While doing my response in that thread I happened ssh in with a -v and noticed its only 7.2?

      debug1: Local version string SSH-2.0-OpenSSH_7.5
      debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2
      debug1: match: OpenSSH_7.2 pat OpenSSH* compat 0x04000000

      I see that the 7.5p1 is available on the freebsd packages
      http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/openssh-portable-7.5.p1,1.txz

      Shouldn't this be updated?

      I am running the current snap Thu Apr 20 02:05:42 CDT

      1 Reply Last reply Reply Quote 0
      • K
        kpa last edited by

        We use the base system OpenSSH from FreeBSD and that's not kept in sync with the latest and greatest but instead the most important security fixes from the newer versions get backported to the base system version. The version numbering is confusing but that's what the FreeBSD security team insists on using.

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          But you miss out on new features and some bug fixes this way do you not?  And only get the security updates?

          I am currently not aware of any bug fixes, and or features missing out on.  More curious than anything.  I only connect via my clients and don't have anyone else connecting that might be using a different client so have seen no issues, etc.

          I do connect via 7.5 client as you saw and everything is working..

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            Security patches are kept up, though I'm not sure of the specific reason for FreeBSD not moving forward past 7.2p2 in base. Usually those sorts of things will be a bump of some kind on a major FreeBSD update (e.g. FreeBSD 11.0-RELEASE, 12.0-RELEASE, etc).

            On regular FreeBSD systems, you have the option of installing openssh-portable to get a newer version if you want, but that's not an option here.

            1 Reply Last reply Reply Quote 0
            • johnpoz
              johnpoz LAYER 8 Global Moderator last edited by

              Well I guess I could always take a snapshot and install the portable freebsd 7.5 version and see if it breaks anything.  But not a fan of jumping ahead in what pfsense installs.. This could have unseen consequences, etc.

              As I said not seeing any issues connecting from a 7.5 client - but curious on why so far back.  if on 7.4 would make more sense, etc.  But 7.2 is getting to get a bit long in the tooth.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy