Ssh still 7.2 vs 7.5?
So there was some traffic in another thread related to ssh. While doing my response in that thread I happened ssh in with a -v and noticed its only 7.2?
debug1: Local version string SSH-2.0-OpenSSH_7.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2
debug1: match: OpenSSH_7.2 pat OpenSSH* compat 0x04000000
I see that the 7.5p1 is available on the freebsd packages
Shouldn't this be updated?
I am running the current snap Thu Apr 20 02:05:42 CDT
We use the base system OpenSSH from FreeBSD and that's not kept in sync with the latest and greatest but instead the most important security fixes from the newer versions get backported to the base system version. The version numbering is confusing but that's what the FreeBSD security team insists on using.
But you miss out on new features and some bug fixes this way do you not? And only get the security updates?
I am currently not aware of any bug fixes, and or features missing out on. More curious than anything. I only connect via my clients and don't have anyone else connecting that might be using a different client so have seen no issues, etc.
I do connect via 7.5 client as you saw and everything is working..
Security patches are kept up, though I'm not sure of the specific reason for FreeBSD not moving forward past 7.2p2 in base. Usually those sorts of things will be a bump of some kind on a major FreeBSD update (e.g. FreeBSD 11.0-RELEASE, 12.0-RELEASE, etc).
On regular FreeBSD systems, you have the option of installing openssh-portable to get a newer version if you want, but that's not an option here.
Well I guess I could always take a snapshot and install the portable freebsd 7.5 version and see if it breaks anything. But not a fan of jumping ahead in what pfsense installs.. This could have unseen consequences, etc.
As I said not seeing any issues connecting from a 7.5 client - but curious on why so far back. if on 7.4 would make more sense, etc. But 7.2 is getting to get a bit long in the tooth.