1- Pending
1+ 2024.84 - 4 April 2024
22
33Features and Changes:
4+ Note >> for compatibility/configuration changes
5+
6+ - >> Only use /etc/shadow when a user has :x: as the crypt in /etc/passwd.
7+ This is the documented behaviour of passwd(5) so should be consistent with
8+ other programs. Thanks to Paulo Cabral for the report.
9+ Note that any users without x as the crypt will not be able
10+ to log in with /etc/shadow, in cases were the existing configuration
11+ differs.
412
513- Support -o StrictHostKeyChecking, patch from Sergey Ponomarev
614
@@ -13,6 +21,9 @@ Features and Changes:
1321 Thanks to tjkolev
1422 Disabled by default, set #define DROPBEAR_USE_SSH_CONFIG 1
1523
24+ - Add support for unix socket forwarding (destination) on
25+ the server, thanks to WangYi for the implementation
26+
1627- Add option to bind to interface, from Diederik De Coninck
1728
1829- Ignore unsupported arguments in dropbearkey, allow running
@@ -35,6 +46,9 @@ Features and Changes:
3546
3647Fixes:
3748
49+ - "dbclient host >> output" would previously overwrite "output", instead of
50+ appending. Thanks for the report from eSotoIoT
51+
3852- Add "Strict KEX" support. This mitigates a SSH protocol flaw which lets
3953 a MITM attacker silently remove packets immediately after the
4054 first key exchange. At present the flaw does not seem to reduce Dropbear's
6983
7084- Fix DROPBEAR_SVR_MULTIUSER. This appears to have been broken since when it
7185 was added in 2019. If you're using this let me know (it might be removed
72- later otherwise). Thanks to davidatrsp
86+ if I don't hear otherwise). Thanks to davidatrsp
7387
7488- Fix Y2038 issues
7589
0 commit comments