1 min read

OpenSSH 9.6 Released - Now with Less Terrapin!

OpenSSH 9.6 Released - Now with Less Terrapin!
Photo by fabio / Unsplash

OpenSSH 9.6 - It's Here!

Great news from the SSH world! OpenSSH 9.6 has been released, bringing more security and some handy new features. It's like your digital lock just got an upgrade, and who doesn't love a shiny new lock?

Security Upgrades - Stronger Than Ever!

  • Terrapin Attack? No Chance: The team tackled the "Terrapin Attack," a new security threat. In non-tech terms, it's like they've added an extra bolt to our digital doors.
  • ssh-agent(1) Upgrade: It's now more selective with your keys, making sure they're all following the rules.
  • Shell Metacharacter Ban: OpenSSH 9.6 is now like that strict librarian who won't let noisy characters in. No more risky business in usernames/hostnames!

Fresh Features to Enjoy

  • New %j Token: It's like having a handy shortcut for your ProxyJump hostnames.
  • ChannelTimeout: Because even SSH needs to know when to call it a day.
  • ED25519 in PEM PKCS8 Format: More key format compatibility, because variety is the spice of life, right?
  • Signature Algorithm Update: A flexible approach to authentication, keeping things secure and smooth.

Bug Fixes - Squashed!

We've got fewer bugs than a clean kitchen. Key improvements in ssh(1), sftp(1), and ssh-agent(1) make for a smoother experience.

Enhanced Portability

Think of this as OpenSSH being comfortable on more couches - it's now more adaptable across different platforms.


OpenSSH 9.6 isn't just a security update; it's a commitment to keeping our digital world safe and efficient. So go ahead, update to 9.6 - it's like giving your SSH a well-deserved spa day! 🛡️💻🔒

You may find the release notes here: https://www.openssh.com/txt/release-9.6