Request demo

Tectia Server Product Update

Read about the latest features and updates of Tectia Server.

 

1. About This Release

The 6.6 release of Tectia Server is declared Long Term Supported (LTS), and it is supported for 3 years from the release date of 6.6.5. The latest support end dates for Tectia Client/Server are available at: https://www.ssh.com/products/support/end-of-support

The 6.6.5 release is available for AIX (POWER), HP-UX (IA-64 and PA-RISC), Solaris (SPARC and x86-64), Linux (x86-64) and Windows (x86-64) platforms.

PQC algorithms are not supported on HP-UX (IA-64).

Special items for 6.6 release are:

  • Tectia Quantum Safe Edition with multiple PQC hybrid key exchange algorithms

  • Added support for Ubuntu, Debian, Rocky (Linux) platforms

  • Improvements to Secure File Transfer on Windows

  • Improvements to certificate validation

  • FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows

  • Removed ETM MAC algorithms from the defaults

  • Deprecation of DSA signature algorithms from the defaults

  • Deprecation of SHA-1 algorithms from the defaults

We recommend uninstalling any SSH Secure Shell and SSH Tectia 4.x products, and on Windows also SSH Tectia 6.0.x or older, before installing SSH Tectia 6.6 products.

For the installation instructions, refer to the Tectia Server Administrator Manual.

 

 

2. Important Changes

Important changes in 6.6.5

(TECT-1056) Standardized ML-KEM (FIPS PUB 203) algorithms are now supported and preferred in Post-Quantum Cryptography (PQC) hybrid key exchange algorithms.

Also, SABER is no longer supported. If the configuration requires the SABER PQC ecdh-nistp521-firesaber-sha512@ssh.com algorithm, the Tectia Server will refuse to start.

The new PQC hybrid KEX defaults are:

* mlkem1024nistp384-sha384

* mlkem768nistp256-sha256

* mlkem768x25519-sha256

* ecdh-nistp521-kyber1024-sha512@ssh.com

* curve25519-frodokem1344-sha512@ssh.com

* sntrup761x25519-sha512@openssh.com

Note that curve25519-frodokem1344-sha512@ssh.com algorithm is only supported on AIX (POWER), Solaris (SPARC), Linux (x86-64) and Windows (x86-64) platforms.

(TECT-765) PQC algorithm support for HP-UX (PA-RISC) in the Tectia Quantum Safe Edition.

(TECT-1002) The liboqs library has been updated to version 0.11.0.

 

Important changes in 6.6.3

(TECT-981) The hmac-sha2-256-etm@openssh.com and hmac-sha2-512-etm@openssh.com MAC algorithms are no longer included in the defaults. Also the strict KEX mitigation to low impact CVE-2023-48795 has been implemented. Please note that also the Secure Shell client needs to support the strict KEX.

(TECT-944) Hostkey generation now by default does not prompt for a passphase. In FIPS mode random passphrase is stored in hostkey.pass file and in non-FIPS mode an empty passphrase is assumed. 

(TECT-740) FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows.

(TECT-968) In FIPS mode diffie-hellman-group-exchange-sha256 (DH-GEX-SHA256) and other Group Exchange (GEX) methods are now disabled in Key Exchange (KEX) to comply with FIPS 140-2 NIST SP 800-56Ar3 requirement of using standard Modular Exponential (MODP) Diffie-Hellman groups such as diffie-hellman-group18-sha512.

Customers using FIPS should verify that their Tectia configurations do not contain Group Exchange (GEX) methods. Tectia Server will refuse to start in FIPS mode after upgrade with "Failed to set kex" error if configuration requires any diffie-hellman-group-exchange-* (DH-GEX-*) algorithms.

(TECT-892) AES-GCM is now preferred over AES-CTR in default configurations.

(TECT-824) Added official support for Rocky Linux (8 and 9), Ubuntu (18.04, 20.04 and 22.04) and Debian GNU/Linux (11 and 12) platforms.

 

Important changes in 6.6.2

(TECT-718) DSA has been deprecated and is no longer included in default values of host key algorithms nor public-key signature algorithms. We strongly recommend to use any other supported hostkey algorithm and signature algorithm instead for host keys and user keys.

CAUTION: Connections will fail with "Key exchange failed" and "Host key algorithm negotiation failed" errors after upgrade if Tectia Server has a DSA host key as the only identity and the ssh-server-config.xml does not explicitly allow using deprecated DSA algoritm(s) such as ssh-dss-sha256@ssh.com.

It is recommended to generate a new RSA of 3072-bit or higher and/or Elliptic Curve keys (ECDSA or Edwards Curve) and to replace the old DSA host key. To manually rotate the host key to avoid changed hostkey warnings on client-side, please see Appendix "Changing the Host Key of Tectia Server" in Admin Manual.

(TECT-722) During upgrade on Unix platforms, a new default RSA host key /etc/ssh2/hostkey is automatically generated if the current default host key is a DSA key. After upgrade, the old DSA host key /etc/ssh2/hostkey_dsa_old can be manually enabled as an additional identity if needed. Please see ssh-server-config-example.xml.

On Windows, it is recommended to rename the default <INSTALLDIR>\hostkey if it is a DSA host key before upgrade so that installation will generate a new default RSA host key. After install, a new hostkey can be generated, for example on Tectia Server Configuraiton GUI Identity page if needed.

(TECT-566) Using OpenSSL 3.0 FIPS container for Solaris, Linux and Windows. RSA, ECDSA and Ed25519 keys are supported in FIPS mode. New DSA keys cannot be generated with Server Configuration GUI. If needed, 3072 or 2048 bit DSA keys can be generated with ssh-keygen-g3 --fips-mode.

(TECT-655) PQC algorithm support for Solaris as a part of the Tectia Quantum Safe Edition.

(TECT-663) Solaris installation packages are now 64-bit.

(TECT-721) Tectia Server now uses SHA-2 algorithm in hostbased authentication, and therefore it does not interoperate with old clients if hostbased authentication is enabled as a user authentication method. It is recommended to upgrade both the client-side and server-side to the latest Tectia version if hostbased authentication is used in the environment.

 

Important changes 6.6.1

(TECT-619) Increased default RSA and DSA key size from 2048 bits to 3072 bits and ECDSA from 256 bits to 384 bits. These changes reflect the new minimum values recommended by us for these authentication keys.

(TECT-614) NIST has chosen CRYSTALS-Kyber. Following this decision we have decided to remove SABER from the defaults. However, SABER still remains supported and the PQC hybrid KEX ecdh-nistp521-firesaber-sha512@ssh.com can be enabled in configuration.

For more information: https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

The new PQC hybrid KEX defaults are:

* ecdh-nistp521-kyber1024-sha512@ssh.com

* curve25519-frodokem1344-sha512@ssh.com

* sntrup761x25519-sha512@openssh.com

 

Important changes 6.6.0

(TECT-193) Tectia Quantum Safe Edition license file enables Post Quantum Cryptography (PQC) algorithms SABER, CRYSTALS-Kyber, FrodoKEM and Streamlined NTRU Prime that are used in a Hybrid Key Exchange together with a classical ECDH algorithm. Both the PQC and ECDH algorithm contribute to the key material resulting in a session key that is at least as hard to break as the strongest composite. The hybrid approach mitigates the risk of future attacks on recorded secure shell sessions if weaknesses are discovered in either algorithm.

Note that the client-side, Tectia Client version 6.6 and above or OpenSSH version 9.0 or above, needs to also support and prefer at least one of the PQC hybrid KEX algorithms or connections will use classical KEX algorithms by default.

Note when upgrading from 6.5.1 with changed configurations or from 6.4.x, the Post Quantum Cryptography (PQC) algorithms require Tectia Quantum Safe Edition license and are not enabled unless explicitly configured. For configuration instructions how to enforce PQC hybrid KEX, please see the Tectia Server example ssh-server-config-example.xml in the configuration directory.

 

Important changes 6.5.1

(TECT-458) Disabled SHA1 algorithms from server defaults in lieu of previous deprecation warning. These algorithms can still be manually enabled for legacy reasons. It is important to understand that SHA-1 algorithms are deprecated due to security issues and should not be enabled without a critical legacy dependency for them. Enabling SHA-1 algorithms is not recommended by us.

* ssh-rsa (RSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms default values. We recommended using SHA2 variants (e.g. rsa-sha2-256, ssh-rsa-sha256@ssh.com) for existing RSA keys.

* ssh-dss (DSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms. We recommend using SHA2 variants (e.g. ssh-dss-sha256@ssh.com) for existing DSA keys and creating additional RSA, ED25519, or ECDSA key(s) for better interoperability with third-party clients/servers.

* diffie-hellman-group-exchange-sha1 (DH-GEX-SHA1) and diffie-hellman-group14-sha1 are no longer included in key exchange default values. We recommend using SHA2 variants (e.g. diffie-hellman-group-exchange-sha256 and diffie-hellman-group14-sha256).

SHA2 variants @ssh.com algoritms have been supported in Tectia Client/Server since version 6.2.0 released in 2011. Standardized SHA2 variants since version 6.4.18.

HMAC SHA1 algorithms still remain in server defaults. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.

CBC mode ciphers are no longer included in server defaults. Although there are no known vulnerabilities for current versions, there are better counter modes available such as GCM. CBC mode ciphers can still be manually enabled in the server configuration. This change was made to alleviate false positives from security scanners. Our recommendation is to use CTR mode and GCM mode over CBC mode whenever possible and use CBC mode only when it is not possible to use the other two counter modes with ciphers.

 

3. New Features

The following new features have been implemented in Tectia Server:

New features in 6.6.5

(TECT-1088) Improved PKCS#12 support in server certificate authentication:

* AES256-SHA256 protected PKCS#12 file can be now an external key or imported.

* Tectia Server Configuration GUI can import a PKCS#12 package in FIPS mode.

(TECT-1096) Windows: Improved UTF-8 support in SFTP file name character set handling. Sft-server-g3 'utf8-mode' attribute is enabled by default.

(TECT-152) ssh-server-ctl tool now shows more information per servant with '-v verbose' option to help with diagnostics when server is under heavy load. Also documentation on optional servant-lifetime setting has been updated. The server is more proactive in starting new servants to handle incoming connections when there are retired servants.

 

New features in 6.6.4

See the bug fixes.

 

New features in 6.6.3

(TECT-947) PKCS#11 external hostkey can be now advertised in hostkey rotation. Added also support for advertise(yes) and advertise_tectia_only(yes) in init string.

(TECT-943) ssh-keygen-g3 tool: Improved passphrase handling. Now if --random-pass option is used when generating a new key, the private key is protected with a BASE64 encoded passphrase and the path to <file>.pass is shown in the output. Added option --prompt-pass to prompt the passphrase in --hostkey mode.

(TECT-896) Added maximum unauthenticated connection limits configuration options that can be enabled to balance the connection load on systems with resource constraints.

(TECT-895) Minor improvement with SSH2_MSG_EXT_INFO packet sending during authentication to prevent some 3rd party clients from sporadically disconnecting due to the client's incorrect handling of the potential SSH_MSG_IGNORE packet.

(TECT-891) Improved SFTP subsystem debugging. Now 'sftpdebug' directs debug output to servant and disables standard error. Use 'sftpstderrdebug' to direct standard error to the client. Also added 'debug' and 'debug-file' attributes to server configuration.

(TECT-940) SFTP server audit messages are now formatted in the same way as the other server audit log messages.

(TECT-878) Performance profiling for currently running server. Intended for better problem diagnostics with the help of SSH support. Obtain performance measurements with 'ssh-server-ctl performance show' command.

(TECT-512) Windows: Added support for directory symlinks in SFTP.

(TECT-178) SFTP download and upload restrictions can now be enforced in server configuration file. Added sftp subsystem attribute 'disable' to disallow 'write', 'read' and/or 'update' file operations, 'streaming' to use traditional SFTP instead of streaming, 'intrusive' to disallow rename, remove, mkdir, rmdir, setstat, symlink operations and 'dirlist' (directory listing) and 'mmclist' (MVS master catalog listing).

 

New features in 6.6.2

(TECT-743) Tectia Quantum Safe Edition: Added a new PQC hybrid KEX algorithm

curve448-kyber1024-sha512@ssh.com that is supported when FIPS mode is enabled

(TECT-738) Tectia Server now logs information about its current host key(s) when starting or reloading configuration in new Server_hostkey message including the key type and length, fingerprints as Babble, RFC4716 and SHA-256 making it easier to identify for example servers with deprecated DSA host keys from syslog or Event Log and tracking changed host keys.

(TECT-672) Connection-specific protocol algorithm information for example KEX, MAC and Cipher are now available as blackboard fields. Blackboard also now supports banner-message for sending additional messages during user authentication.

(TECT-676) The selector publickey-passed for authentication chains now has "type" attribute, making it easier to log usage or deny smaller keys or undesired user key types.

(TECT-706) Improvements to the additional External Mapper that can be now chrooted and run as non-privileged mapper user. Also any errors from the custom mapper script are now more easily available in Rule_engine_warning log messages.

 

New features in 6.6.1

(TECT-611) Added Red Hat Enterprise Linux 9 as a supported installation platform.

(TECT-629) Added support for ncurses 6, which removes the previous dependency for libncurses compat libraries.

 

New features in 6.6.0

(TECT-193) Added support for Post Quantum Cryptography (PQC) hybrid key exchange algorithms.

Following PQC hybrid KEX algorithms are supported and enabled by default when Tectia Quantum Safe Edition license is installed:

* ecdh-nistp521-firesaber-sha512@ssh.com

* ecdh-nistp521-kyber1024-sha512@ssh.com

* curve25519-frodokem1344-sha512@ssh.com

* sntrup761x25519-sha512@openssh.com

(TECT-571) Added support for IBM AIX 7.3

(TECT-574) Tectia Server control utility can now be used to troubleshoot running Tectia Server. The 'ssh-server-ctl debug --help' command lists options that can be used to enable debug mode for the ssh-server-g3, servants and/or user SFTP server processes.

Note that 'ssh-server-ctl debug clear' should always be used after reproducing the problem. On Unix, it is needed even after stopping the service to clear the debug settings from any retired server processes.

SELinux enabled Linux: 'ssh-server-ctl debug <options>' is recommended method instead of starting the ssh-server-g3 process directly that results in wrong SELinux context, misleading failures and potential issues later when Tectia Server is started normally by systemd.

 

New features in 6.5.1

(TECT-325) Zero Trust certificate-based user authentication with short-lived X.509v3 or OpenSSH certificates. Delegate access control to PrivX for Just-In-Time (JIT) access management. PrivX version 22 and above is supported.

(TECT-462) Windows Server 2022 and SUSE Linux Enterprise Server 15 (x86-64) added as supported installation platforms.

(TECT-484) Linux: Installation creates and modifies /etc/pam.d/ssh-server-g3 Pluggable Authentication Modules (PAM) configuration and preserves original file to /etc/pam.d/ssh-server-g3.orig. PAM is now required for successful password authentication on RHEL.

(TECT-313) Added support for x509-certificate-chain for user and host certificates and standardized X.509v3 signature algorithms defined in RFC6187.

Following signature-algorithms and hostkey-algorithm are supported:

* x509v3-rsa2048-sha256

* x509v3-ecdsa-sha2-nistp256

* x509v3-ecdsa-sha2-nistp384

* x509v3-ecdsa-sha2-nistp521

* x509v3-ssh-dss (DSA/SHA1 not enabled by default on server-side)

* x509v3-ssh-rsa (RSA/SHA1 not enabled by default on server-side)

(TECT-147) Added support for OpenSSH user and host certificates.

Following signature-algorithms and hostkey-algorithm are supported:

* ecdsa-sha2-nistp256-cert-v01@openssh.com

* ecdsa-sha2-nistp384-cert-v01@openssh.com

* ecdsa-sha2-nistp521-cert-v01@openssh.com

* ssh-ed25519-cert-v01@openssh.com

* rsa-sha2-256-cert-v01@openssh.com

* rsa-sha2-512-cert-v01@openssh.com

* ssh-rsa-cert-v01@openssh.com (RSA/SHA1 not enabled by default)

* ssh-dss-cert-v01@openssh.com (DSA/SHA1 not enabled by default)

(TECT-492) Added curve25519-sha256@libssh.org to client and server key exchange defaults for better interoperability with 3rd party implementations that do not support standardized curve25519-sha256.

(TECT-335) Tectia Server Configuration GUI supports extended-key-usage certificate selector, for example secureShellClient (oid 1.3.6.1.5.5.7.3.21).

(TECT-61) Critical Microsoft custom policy OID 1.3.6.1.4.1.311.21.10 is now accepted if it contains only extended key usage oids that are present in the actual extended key usage extension in the X.509v3 certificate being validated.

(TECT-359) Tectia Server Configuration GUI can be used to configure OCSP trusted mode (RFC5019, RFC6960) responder issuing CA certificate.

(TECT-367) Added new configuration option xauth-shell attribute that can be used specify the shell used to run xauth binary instead of the user shell in X11 forwarding.

(TECT-426) Tectia Server Logging improvements Certificate_validation_success and Certificate_validation_failure log also Subject name, Email and UPN Subject Alternative Names for X.509v3 certificates and Key ID and principals for OpenSSH certificates.

 

4. Bug fixes

The following fixes have been implemented in Tectia Server:

Bug fixes in 6.6.5

(TECT-1121) Fixed an issue that could lead to unauthenticated connections to exceed the limit of the configured max-unauth-connections on a busy server.

(TECT-1119) Fixed an issue that could cause file transfer using streaming to fail silently, creating an empty file in the destination. The server-side logs for upload would show only Sft_server_stream_wait message. For a successful transfer it is followed by Sft_server_upload_begin and Sft_server_upload_end messages.

(TECT-1095) Windows: Improved network share handling in SFTP. In sft-server-g3 streamlined the system calls to restore and cancel connections to network resources. The symptoms were first frequently connecting user(s) would start to fail to access their virtual folders leading to server host needing to be rebooted to recover.

(TECT-1083) If SFTP upload restriction 'update' is disabled , the server no longer truncates existing file to zero bytes but denies update attempt with 'file exists' error.

(TECT-1068) Fixed an issue with hostkey algorithms where only ssh-rsa-cert-v01@openssh.com SHA1 could be used with OpenSSH host certificate. Now also SHA2 algorithms rsa-sha2-256-cert-v01@openssh.com and rsa-sha2-512-cert-v01@openssh.com work.

(TECT-1067) Windows: Fixed a Server Configuration GUI crash when an OpenSSH certificate was configured as host certificate.

(TECT-1062) Windows: Using forward slashes instead of backslashes in the "User Home Directory" configuration no longer causes SFTP to fail with "error: Permission denied".

 

Bug fixes in 6.6.4

(TECT-1048) Fixed an issue with sft-server-g3 path handling in traditional and streaming mode SFTP.

(TECT-1043) Windows: Fixed an issue with Windows volumes mounted in NTFS when accessed over sftp.

(TECT-1041) Windows: Reduced the number of requests sent to Windows Domain Controller, this may have caused problems with setups where the Domain Controller doesn't have sufficient resources allocated for running it.

(TECT-1031) Linux/Unix: Fixed an issue with servant processes occasionally hanging and refusing new connections.

(TECT-1030) Windows: Fixed issues with how symlinks are handled.

(TECT-1029) Windows: Symlinks can be now again set as the user's virtual home directory.

(TECT-1026) Windows: Improved the input handling of UTF-8 characters.

(TECT-985) Fixed issues that caused ssh-servant-g3 process to leak memory.

 

Bug fixes in 6.6.3

(TECT-932) Unix: Fixed an issue with X11 forwarding that may have caused server to leak file descriptors due to xauth failure.

(TECT-862) Radius server timeout in configuration is now enforced across retransmissions so that failure is reported within 10 seconds by default.

(TECT-855) HSM hostkey configured via PKCS#11 provider can now be initialized with 'allow-reuse(yes)' to prevent failure after 'Apply' is clicked in Server Configuration GUI or upon 'ssh-server-ctl reload'. Previously, key exchange failed on "Host key algorithm negotiation failed."

(TECT-854) Windows: Improved the network share handling in SFTP. Previously during high load sft-server-g3 processes could hang during starting when server failed to cleanup logon session of old connections. The symptoms were first slowness in opening SFTP sessions leading to server host needing to be rebooted to recover.

(TECT-808) 'ssh-server-ctl reload' no longer fails to reload configuration if FIPS is enabled only by system-wide FIPSMODE without crypto-lib mode also specified in configuration. Previously, reload failed on "You have changed the Crypto Library mode (FIPS/normal)." even if the server was already in FIPS mode.

(TECT-671, TECT-638, TECT-347) Windows: Fixed multiple issues with virtual home directory that in 6.5 and previous 6.6 versions resulted in 'not a directory' or 'invalid virtual directory' errors during file transfers to an existing virtual folder. Improvements also when virtual root or custom directory is configured as the virtual home directory.

(TECT-649) Windows: Server Configuration GUI no longer fails to remove users from password cache. In 6.5 and previous 6.6 versions, only ssh-server-ctl could be used to remove users.

(TECT-551) Windows: Server Configuration GUI no longer fails to show saved CRL prefetch URL configuration(s).

(TECT-549) Windows: Fixed a Server Configuration GUI crash related to showing Password Cache under some specific conditions. Related to TECT-649.

(TECT-525) Windows: Standard input is now used instead of command-line parameters to send attributes to sft-server-g3. Previously SFTP channel open would fail if either excessive and/or long virtual folder paths were configured.

(TECT-937) AIX: Fixed a potential deadlock issue with user initialization that may cause servant to hang if OS group selector was used in Tectia Server configuration on AIX 7.2.

 

Bug fixes in 6.6.2

(TECT-782) Linux: Server configuration file errors during startup are now reported also to syslog when systemd is used.

(TECT-634) Server now expects secure shell client to send its version and initial KEXINIT packet within first seven seconds when connection is received or it disconnects the client with Login grace-time exceeded. Normal login grace time applies after that.

(TECT-641) Windows: Fixed a resource exhaustion issue where logon sessions were not always properly cleared after connection was closed.

(TECT-636) Fixed a race condition with configuration reload that could result in Tectia Server to fail to accept new connections.

(TECT-784) SELinux enabled Linux: Correct context type is now used for /var/opt/tectia.

 

Bug fixes in 6.6.1

(TECT-626) Windows: Attempt to overwrite a file on NFS no longer fails with an input/output error. Previously an SFTP client had to delete the file with the same name first before upload.

(TECT-609) Fixed a bug with Radius authentication in RHEL that prevented the use of said authentication method.

 

Bug fixes in 6.6.0

(TECT-564) Fixed an issue with OCSP certificate validation that may have resulted in Certificate_validation_failure with error time-interval-was-invalid even if valid CRL was available when check against OCSP responder failed.

(TECT-526) Certificate validator cache-size configuration parameter was increased to 300MB.

 

Bug fixes in 6.5.2

(TECT-536) SELinux enabled Linux: Fixed an issue with upgrading from 6.4.x version to 6.5.1. In 6.5.1 Upgrade would fail, if /tmp/ssh-server-g3 was not manually removed.

 

Bug fixes in 6.5.1

(TECT-108) Linux: Tectia Server ssh-server-ctl now uses systemd on RHEL 7, 8, SUSE 12 and SUSE 15 for stopping and starting the service.

Recommended commands 'systemctl [start|stop|restart|status] ssh-server-g3'

For configuration update 'ssh-server-ctl reload' that validates the ssh-server-config.xml configuration is recommended.

(TECT-347) Windows Server: Using relative paths to access virtual folders no longer fail if home directory is configured as virtual root.

(TECT-199) Linux: Tectia Server is now confined to sshd SELinux context on RHEL.

(TECT-174) Tectia Server Configuration GUI now allows only service rule command configurations that the server supports. If forced command is set, no other commands can be added to the group. If a group contains multiple allowed commands, forced commands can not be added or edited to the group.

(TECT-423) Tectia Server now checks file permissions of CA certificates configured as trust anchors for user certificate authentication.

(TECT-433) Tectia Server Configuration GUI no longer overwrites public key signature-algorithms in ssh-server-config.xml with default values.

(TECT-127) OpenSSL generated passphrase protected PKCS#8 key no longer fails to be decoded.

(TECT-310) Tectia Server Configuration GUI now supports name-regexp attribute for example in authentication selector instead of overwriting manually configured selectors like <user name-regexp="[[:alpha:]]{5}[[:digit:]]{3}" />.

(TECT-401) Customized tunnel (port forwarding) restrictions are now enforced correctly.

* In tunnel-remote 'listen' will match only when listener is being opened. The 'src' is not matched when listener is opened but only when tunnel is opened.

* New tunnel-remote 'disable-privilege-check' attribute defaults to 'no'. If not set, tunnel listener open will always perform privilege check, forbidding listener open for ports under 1024 unless user is privileged admin/root user.

* New Tunnel endpoint 'tunnel-src' and 'tunnel-dst' added for tunnel-local and tunnel-remote, conversely. These match the ssh client end IP address as seen by the server based on the tcp connection. The 'src' in tunnel-local, that matches the connection source as reported by the client, has not been changed.

(TECT-333) Tectia Server Configuration GUI no longer crashes if host certificate has critical extension BasicConstraints CA = FALSE.

(TECT-353) Tectia Server user login with certificate no longer fails if user-group attribute is defined in the same selector with certificate selectors.

(TECT-361) Tectia Server Logging Channel_outbound_statistics and Channel_inbound_statistics no longer log username as uninitialized.

(TECT-382) Windows: ssh-shell in Tectia Server no longer ignores input bytes with highest bit set. Multibyte characters are now shown correctly when logged in with sshg3.

 

5. Known Issues

The following issues are currently known to exist in Tectia SSH Server:

(TECT-1086) Legacy OpenSSH SCP fails to transfer files with UTF-8 file names. Upgrade to OpenSSH version 9 or newer, or use Tectia scpg3 instead.

(FB #41772) Linux, RHEL6: ssh-servant-g3 processes can show large virtual memory allocation, in excess of one GB per process. This is due to thread arena allocation in libc 2.10 and later, included in RHEL 6.0, not because of memory leaks.

(FB #39681) Solaris: With exec-directly="no", csh on Solaris closes auditing file descriptors for sft-server-g3, effectively disabling logging with sftp. The recommended solution here is to use exec-directly="yes".

(FB #41617) Windows: Upgrade only recognizes versions 6.1 onwards.

(FB #36835) All platforms: Remote translation tables only work when the site command X=BIN is used. Local translation tables work as intended.

(FB #22991) AIX: Upgrading from version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally and restart the server after upgrade.

(FB #19541) Unix/Linux: When logged to the SSH Tectia Server, an executable will fail to start if any parent of the current working directory is not readable and relative paths are used to refer to the executable.

(FB #13818) All Platforms: The usage of IPv6 addresses in certificates is not yet supported.

(FB #14973) Linux: SSH Tectia Server must be stopped before upgrading from 6.2.0 as the newer ssh-server-ctl will not be able to stop the 6.2.0 server. Upgrades from any other version than 6.2.0 do not experience this issue.

(FB #9145) Windows: When installing Tectia Server on a platform that has more than 30 CPUs running Windows 2003 SP2, make sure that you have the proper Microsoft patches installed to not hit a Microsoft bug which will make your host unusable. For more information, see: http://support.microsoft.com/kb/2539164

(FB #9367) Windows: If the installation fails with error message "An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0- D845BAB35C93D}. HRESULT: 0x80070BC9" use Windows Update to install required operating system updates.

(FB #9106) AIX: Executables are now compiled in 64 bit. For PAM to work, the operating system should point to the 64-bit versions of PAM libraries instead of the 32-bit versions.

(FB #9530) All platforms: Extra checks are done when starting the Tectia Server and Connection Broker in the FIPS mode due to the OpenSSL FIPS cryptographic library health check. This will lead to a noticeable delay in the start of the process on slow machines.

(FB #8826) Windows: Users authenticated with a public key cannot access Network DFS shares that are in a different box than where the Tectia server is running. Workaround: Use password cache.

(FB #4699) AIX: Due to IBM's bug IZ02631, a servant may deadlock under heavy stress. IBM has a fix for AIX 5.3 and AIX 6.1.

(RQ #19164) Linux RedHat 3: The pam_krb5 module supplied with Red Hat Linux 3 will not work with Tectia Server when configured with pam-calls-with-commands=yes as pam_krb5 requires pam_authenticate() to be called before pam_setcred().

(RQ #19080) AIX: Authentication may fail for LDAP accounts when verifying login permissions. This is caused by an error in AIX system libraries when trying to retrieve password expiration information for an LDAP user and is addressed by IBM APAR IZ46727 (registration required): http://www-01.ibm.com/support/docview.wss?uid=isg1IZ46727

(RQ #18437) Windows: Tectia Server doesn't support other than ISO Latin 1 character sets in folder names for storing troubleshooting logs.

(RQ #18307) All platforms: The file transfer with WinSCP 3.6 might fail when the file transfer is resumed.

(RQ #18211) All platforms: If the server configuration has one or more selectors in the <connections> block listing specific ciphers, and the client does not match the selector, it is still allowed the default ciphers. This is because there is no implicit deny-rule in the <connections> block (the behavior is different from the <authentication-methods> block).

(RQ #18084) Unix: All installed Tectia products must be upgraded to 6.0.2 at the same time. If some packages are left to 6.0.1 or older version, they will stop working when the 6.0.2 common package is installed.

(RQ #17626) Windows: On Windows, Tectia Server does not support GW mode for connecting to other Secure Shell servers.

(RQ #17604) All platforms: Files larger then 4GB cannot be transferred to or from Tectia Server when using the old OpenSSH 'scp' command. Workaround: The files can be transferred using scpg3 or sftpg3.

(RQ #17271) Solaris x86-64: RSA SecurID cannot be used with Tectia Server on Solaris x86-64, because RSA SecurID offers only a 32-bit PAM library. Tectia Server expects a 64-bit pam_securid.so.

(RQ #17170) Solaris 10: Tectia Server and the FTP/SFTP conversion component of Tectia Client with EFT Expansion Pack need to be uninstalled separately from each local zone, if they have been installed to all zones by installing into the global zone.

(RQ #17055) Solaris: Installation packages do not detect the underlying Solaris architecture to prevent installation of the x86-64 packages on x86 architecture. The packages can be installed but they will not work.

(RQ #16986) Windows: SFTP 'chmod' command is not supported against Tectia Server running on Windows.

(RQ #16410) Solaris 10: Tectia Server and the FTP-SFTP conversion component of Tectia ConnectSecure need to be uninstalled separately from each local zone, if they got installed to all zones by installing into the global zone.

(RQ #16342) All platforms: OpenSSH keys are not accepted as host keys, when running the server in FIPS mode.

(RQ #16285) AIX: When trying to log in to an AIX server using an account which has an expired password, the client returns the following error message: "Request exec channel error: Disconnected by application." The reason for the disconnection is, however, logged correctly in the server's log.

(RQ #16080) Windows: The Server reports a "Wrong password" message to the event log even though the correct password is given, but the account has expired.

(RQ #15976) Windows: Users without administrator rights cannot use file transfer with the default Windows 2003 ACL settings.

(RQ #15973) All platforms: The certificate validation path construction from LDAP fails, if the LDAP server requires suffix ';binary' for the PKI binary blob attribute names.

(RQ #15874) Linux: If a user account has expired, the Server incorrectly asks the user to change the password and then denies login.

(RQ #15819) Solaris: Quality checks for password changes (e.g. password length, characters etc.) enforced by PAM will only be enforced when using PAM authentication. When changing passwords via forced commands (i.e. when using authentication methods other than keyboard-interactive PAM), the Tectia Server will not enforce PAM-related password quality checks.

(RQ #15807) Windows: If a non-admin user tries to start the server, the server reports error message "Failed to access service manager".

(RQ #15711) Windows: All well-known security identifiers ('Everyone' and'Authenticated Users', for instance) are not shown in the Tectia Server Configuration GUI's directory object picker when browsing groups for a selector.

(RQ #15627) Unix: Currently it is not possible to allow X11 forwarding when terminal connections are denied.

(RQ #15393) Windows: Installing PGP Desktop 9.5.2 and Tectia Server on the same Windows machine will cause the one installed earlier not to work.

(RQ #15228) All platforms: File transfers of files larger than 4kb using Net:SFTP and Net::SSH::Perl fail against Tectia Server. Workaround is documented at http://www.cpanforum.com/threads/2092. The workaround involves lowering the value of COPY_SIZE in the SFTP.pm perl module from 8192 to 4063 or lower.

(RQ #15016) HP-UX: Shadow passwords are not supported on HP-UX when using the password authentication method. Shadow passwords can be used on HP-UX only with keyboard-interactive PAM authentication, with the appropriate PAM configuration.

(RQ #14973) Windows: The Server reports "Wrong password" message to the event log even though the correct password is given, if the account is locked.

(RQ #14762) Windows: Currently it is not possible to see and select Active Directory universal groups in the User Group Selector dialog of the configuration tool GUI. However, universal groups can be used as selectors if those are entered manually to the user group selector name field.

(RQ #14259) AIX: The Server hangs after a few authentication tries when the following value is set in the /etc/security/user file: SYSTEM='KRB5Files or compat' The Server does not hang when the value is set to: SYSTEM='compat'

(RQ #14039) Windows: Using rsync with Cygwin OpenSSH against Tectia Server fails when using public-key authentication.

(RQ #12576) HP-UX 11.11: Attempting GSSAPI authentication can cause the auths-gssapi-userproc-krb process to consume CPU and not exit after the client disconnects. The GSSAPI authentication will be enabled if no configuration file is found or if specifically enabled in the server configuration. The HP-UX patch PHSS_35381 fixes this issue. GSSAPI needs to be disabled in the server configuration, if installing the patch is not an option.

(RQ #12517) Unix: Canceling user authentication when Tectia Server has been configured with keyboard-interactive authentication method, causes authentication to fail with "Server responded 'Unexpected response packet'".

(RQ #11836) All platforms: After changing the password on a Secure Shell server, but before logging in with the new password, either the Connection Broker must be restarted to close the previous connection, or the user must wait for the connection to time out (by default 5 seconds). If this is not done, login with the new password will not succeed.

 

 

6. Further Information

More information can be found on the Tectia man pages and manuals. Tectia manuals are also available from https://www.ssh.com/manuals/

Additional licenses can be purchased by contacting sales at https://www.ssh.com/ 

 

1. About This Release

The 6.6 release of Tectia Server is declared Long Term Supported (LTS), and it is supported for 3 years from the release date of 6.6.2. The latest support end dates for Tectia Client/Server are available at: https://www.ssh.com/products/support/end-of-support

The 6.6.4 release is available for AIX (POWER), HP-UX (IA-64 and PA-RISC), Solaris (SPARC and x86-64), Linux (x86-64) and Windows (x86-64) platforms.

The 6.6.4 release is a maintenance release and doesn't add any new features. PQC algorithms supported only on AIX, Solaris, Linux and Windows.

Special items for 6.6 release are:

  • Tectia Quantum Safe Edition with multiple PQC hybrid key exchange algorithms

  • Added support for Ubuntu, Debian, Rocky (Linux) platforms

  • Improvements to Secure File Transfer on Windows

  • Improvements to certificate validation

  • FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows

  • Removed ETM MAC algorithms from the defaults

  • Deprecation of DSA signature algorithms from the defaults

  • Deprecation of SHA-1 algorithms from the defaults

We recommend uninstalling any SSH Secure Shell and SSH Tectia 4.x products, and on Windows also SSH Tectia 6.0.x or older, before installing SSH Tectia 6.6 products.

For the installation instructions, refer to the Tectia Server Administrator Manual.

 

 

2. Important Changes

Important changes in 6.6.3

(TECT-981) The hmac-sha2-256-etm@openssh.com and hmac-sha2-512-etm@openssh.com MAC algorithms are no longer included in the defaults. Also the strict KEX mitigation to low impact CVE-2023-48795 has been implemented. Please note that also the Secure Shell client needs to support the strict KEX.

(TECT-944) Hostkey generation now by default does not prompt for a passphase. In FIPS mode random passphrase is stored in hostkey.pass file and in non-FIPS mode an empty passphrase is assumed. 

(TECT-740) FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows.

(TECT-968) In FIPS mode diffie-hellman-group-exchange-sha256 (DH-GEX-SHA256) and other Group Exchange (GEX) methods are now disabled in Key Exchange (KEX) to comply with FIPS 140-2 NIST SP 800-56Ar3 requirement of using standard Modular Exponential (MODP) Diffie-Hellman groups such as diffie-hellman-group18-sha512.

Customers using FIPS should verify that their Tectia configurations do not contain Group Exchange (GEX) methods. Tectia Server will refuse to start in FIPS mode after upgrade with "Failed to set kex" error if configuration requires any diffie-hellman-group-exchange-* (DH-GEX-*) algorithms.

(TECT-892) AES-GCM is now preferred over AES-CTR in default configurations.

(TECT-824) Added official support for Rocky Linux (8 and 9), Ubuntu (18.04, 20.04 and 22.04) and Debian GNU/Linux (11 and 12) platforms.

 

Important changes in 6.6.2

(TECT-718) DSA has been deprecated and is no longer included in default values of host key algorithms nor public-key signature algorithms. We strongly recommend to use any other supported hostkey algorithm and signature algorithm instead for host keys and user keys.

CAUTION: Connections will fail with "Key exchange failed" and "Host key algorithm negotiation failed" errors after upgrade if Tectia Server has a DSA host key as the only identity and the ssh-server-config.xml does not explicitly allow using deprecated DSA algoritm(s) such as ssh-dss-sha256@ssh.com.

It is recommended to generate a new RSA of 3072-bit or higher and/or Elliptic Curve keys (ECDSA or Edwards Curve) and to replace the old DSA host key. To manually rotate the host key to avoid changed hostkey warnings on client-side, please see Appendix "Changing the Host Key of Tectia Server" in Admin Manual.

(TECT-722) During upgrade on Unix platforms, a new default RSA host key /etc/ssh2/hostkey is automatically generated if the current default host key is a DSA key. After upgrade, the old DSA host key /etc/ssh2/hostkey_dsa_old can be manually enabled as an additional identity if needed. Please see ssh-server-config-example.xml.

On Windows, it is recommended to rename the default <INSTALLDIR>\hostkey if it is a DSA host key before upgrade so that installation will generate a new default RSA host key. After install, a new hostkey can be generated, for example on Tectia Server Configuraiton GUI Identity page if needed.

(TECT-566) Using OpenSSL 3.0 FIPS container for Solaris, Linux and Windows. RSA, ECDSA and Ed25519 keys are supported in FIPS mode. New DSA keys cannot be generated with Server Configuration GUI. If needed, 3072 or 2048 bit DSA keys can be generated with ssh-keygen-g3 --fips-mode.

(TECT-655) PQC algorithm support for Solaris as a part of the Tectia Quantum Safe Edition.

(TECT-663) Solaris installation packages are now 64-bit.

(TECT-721) Tectia Server now uses SHA-2 algorithm in hostbased authentication, and therefore it does not interoperate with old clients if hostbased authentication is enabled as a user authentication method. It is recommended to upgrade both the client-side and server-side to the latest Tectia version if hostbased authentication is used in the environment.

 

Important changes 6.6.1

(TECT-619) Increased default RSA and DSA key size from 2048 bits to 3072 bits and ECDSA from 256 bits to 384 bits. These changes reflect the new minimum values recommended by us for these authentication keys.

(TECT-614) NIST has chosen CRYSTALS-Kyber. Following this decision we have decided to remove SABER from the defaults. However, SABER still remains supported and the PQC hybrid KEX ecdh-nistp521-firesaber-sha512@ssh.com can be enabled in configuration.

For more information: https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022

The new PQC hybrid KEX defaults are:

* ecdh-nistp521-kyber1024-sha512@ssh.com

* curve25519-frodokem1344-sha512@ssh.com

* sntrup761x25519-sha512@openssh.com

 

Important changes 6.6.0

(TECT-193) Tectia Quantum Safe Edition license file enables Post Quantum Cryptography (PQC) algorithms SABER, CRYSTALS-Kyber, FrodoKEM and Streamlined NTRU Prime that are used in a Hybrid Key Exchange together with a classical ECDH algorithm. Both the PQC and ECDH algorithm contribute to the key material resulting in a session key that is at least as hard to break as the strongest composite. The hybrid approach mitigates the risk of future attacks on recorded secure shell sessions if weaknesses are discovered in either algorithm.

Note that the client-side, Tectia Client version 6.6 and above or OpenSSH version 9.0 or above, needs to also support and prefer at least one of the PQC hybrid KEX algorithms or connections will use classical KEX algorithms by default.

Note when upgrading from 6.5.1 with changed configurations or from 6.4.x, the Post Quantum Cryptography (PQC) algorithms require Tectia Quantum Safe Edition license and are not enabled unless explicitly configured. For configuration instructions how to enforce PQC hybrid KEX, please see the Tectia Server example ssh-server-config-example.xml in the configuration directory.

 

Important changes 6.5.1

(TECT-458) Disabled SHA1 algorithms from server defaults in lieu of previous deprecation warning. These algorithms can still be manually enabled for legacy reasons. It is important to understand that SHA-1 algorithms are deprecated due to security issues and should not be enabled without a critical legacy dependency for them. Enabling SHA-1 algorithms is not recommended by us.

* ssh-rsa (RSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms default values. We recommended using SHA2 variants (e.g. rsa-sha2-256, ssh-rsa-sha256@ssh.com) for existing RSA keys.

* ssh-dss (DSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms. We recommend using SHA2 variants (e.g. ssh-dss-sha256@ssh.com) for existing DSA keys and creating additional RSA, ED25519, or ECDSA key(s) for better interoperability with third-party clients/servers.

* diffie-hellman-group-exchange-sha1 (DH-GEX-SHA1) and diffie-hellman-group14-sha1 are no longer included in key exchange default values. We recommend using SHA2 variants (e.g. diffie-hellman-group-exchange-sha256 and diffie-hellman-group14-sha256).

SHA2 variants @ssh.com algoritms have been supported in Tectia Client/Server since version 6.2.0 released in 2011. Standardized SHA2 variants since version 6.4.18.

HMAC SHA1 algorithms still remain in server defaults. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.

CBC mode ciphers are no longer included in server defaults. Although there are no known vulnerabilities for current versions, there are better counter modes available such as GCM. CBC mode ciphers can still be manually enabled in the server configuration. This change was made to alleviate false positives from security scanners. Our recommendation is to use CTR mode and GCM mode over CBC mode whenever possible and use CBC mode only when it is not possible to use the other two counter modes with ciphers.

 

3. New Features

The following new features have been implemented in Tectia Server:

New features in 6.6.4

See the bug fixes.

 

New features in 6.6.3

(TECT-947) PKCS#11 external hostkey can be now advertised in hostkey rotation. Added also support for advertise(yes) and advertise_tectia_only(yes) in init string.

(TECT-943) ssh-keygen-g3 tool: Improved passphrase handling. Now if --random-pass option is used when generating a new key, the private key is protected with a BASE64 encoded passphrase and the path to <file>.pass is shown in the output. Added option --prompt-pass to prompt the passphrase in --hostkey mode.

(TECT-896) Added maximum unauthenticated connection limits configuration options that can be enabled to balance the connection load on systems with resource constraints.

(TECT-895) Minor improvement with SSH2_MSG_EXT_INFO packet sending during authentication to prevent some 3rd party clients from sporadically disconnecting due to the client's incorrect handling of the potential SSH_MSG_IGNORE packet.

(TECT-891) Improved SFTP subsystem debugging. Now 'sftpdebug' directs debug output to servant and disables standard error. Use 'sftpstderrdebug' to direct standard error to the client. Also added 'debug' and 'debug-file' attributes to server configuration.

(TECT-940) SFTP server audit messages are now formatted in the same way as the other server audit log messages.

(TECT-878) Performance profiling for currently running server. Intended for better problem diagnostics with the help of SSH support. Obtain performance measurements with 'ssh-server-ctl performance show' command.

(TECT-512) Windows: Added support for directory symlinks in SFTP.

(TECT-178) SFTP download and upload restrictions can now be enforced in server configuration file. Added sftp subsystem attribute 'disable' to disallow 'write', 'read' and/or 'update' file operations, 'streaming' to use traditional SFTP instead of streaming, 'intrusive' to disallow rename, remove, mkdir, rmdir, setstat, symlink operations and 'dirlist' (directory listing) and 'mmclist' (MVS master catalog listing).

 

New features in 6.6.2

(TECT-743) Tectia Quantum Safe Edition: Added a new PQC hybrid KEX algorithm

curve448-kyber1024-sha512@ssh.com that is supported when FIPS mode is enabled

(TECT-738) Tectia Server now logs information about its current host key(s) when starting or reloading configuration in new Server_hostkey message including the key type and length, fingerprints as Babble, RFC4716 and SHA-256 making it easier to identify for example servers with deprecated DSA host keys from syslog or Event Log and tracking changed host keys.

(TECT-672) Connection-specific protocol algorithm information for example KEX, MAC and Cipher are now available as blackboard fields. Blackboard also now supports banner-message for sending additional messages during user authentication.

(TECT-676) The selector publickey-passed for authentication chains now has "type" attribute, making it easier to log usage or deny smaller keys or undesired user key types.

(TECT-706) Improvements to the additional External Mapper that can be now chrooted and run as non-privileged mapper user. Also any errors from the custom mapper script are now more easily available in Rule_engine_warning log messages.

 

New features in 6.6.1

(TECT-611) Added Red Hat Enterprise Linux 9 as a supported installation platform.

(TECT-629) Added support for ncurses 6, which removes the previous dependency for libncurses compat libraries.

 

New features in 6.6.0

(TECT-193) Added support for Post Quantum Cryptography (PQC) hybrid key exchange algorithms.

Following PQC hybrid KEX algorithms are supported and enabled by default when Tectia Quantum Safe Edition license is installed:

* ecdh-nistp521-firesaber-sha512@ssh.com

* ecdh-nistp521-kyber1024-sha512@ssh.com

* curve25519-frodokem1344-sha512@ssh.com

* sntrup761x25519-sha512@openssh.com

(TECT-571) Added support for IBM AIX 7.3

(TECT-574) Tectia Server control utility can now be used to troubleshoot running Tectia Server. The 'ssh-server-ctl debug --help' command lists options that can be used to enable debug mode for the ssh-server-g3, servants and/or user SFTP server processes.

Note that 'ssh-server-ctl debug clear' should always be used after reproducing the problem. On Unix, it is needed even after stopping the service to clear the debug settings from any retired server processes.

SELinux enabled Linux: 'ssh-server-ctl debug <options>' is recommended method instead of starting the ssh-server-g3 process directly that results in wrong SELinux context, misleading failures and potential issues later when Tectia Server is started normally by systemd.

 

New features in 6.5.1

(TECT-325) Zero Trust certificate-based user authentication with short-lived X.509v3 or OpenSSH certificates. Delegate access control to PrivX for Just-In-Time (JIT) access management. PrivX version 22 and above is supported.

(TECT-462) Windows Server 2022 and SUSE Linux Enterprise Server 15 (x86-64) added as supported installation platforms.

(TECT-484) Linux: Installation creates and modifies /etc/pam.d/ssh-server-g3 Pluggable Authentication Modules (PAM) configuration and preserves original file to /etc/pam.d/ssh-server-g3.orig. PAM is now required for successful password authentication on RHEL.

(TECT-313) Added support for x509-certificate-chain for user and host certificates and standardized X.509v3 signature algorithms defined in RFC6187.

Following signature-algorithms and hostkey-algorithm are supported:

* x509v3-rsa2048-sha256

* x509v3-ecdsa-sha2-nistp256

* x509v3-ecdsa-sha2-nistp384

* x509v3-ecdsa-sha2-nistp521

* x509v3-ssh-dss (DSA/SHA1 not enabled by default on server-side)

* x509v3-ssh-rsa (RSA/SHA1 not enabled by default on server-side)

(TECT-147) Added support for OpenSSH user and host certificates.

Following signature-algorithms and hostkey-algorithm are supported:

* ecdsa-sha2-nistp256-cert-v01@openssh.com

* ecdsa-sha2-nistp384-cert-v01@openssh.com

* ecdsa-sha2-nistp521-cert-v01@openssh.com

* ssh-ed25519-cert-v01@openssh.com

* rsa-sha2-256-cert-v01@openssh.com

* rsa-sha2-512-cert-v01@openssh.com

* ssh-rsa-cert-v01@openssh.com (RSA/SHA1 not enabled by default)

* ssh-dss-cert-v01@openssh.com (DSA/SHA1 not enabled by default)

(TECT-492) Added curve25519-sha256@libssh.org to client and server key exchange defaults for better interoperability with 3rd party implementations that do not support standardized curve25519-sha256.

(TECT-335) Tectia Server Configuration GUI supports extended-key-usage certificate selector, for example secureShellClient (oid 1.3.6.1.5.5.7.3.21).

(TECT-61) Critical Microsoft custom policy OID 1.3.6.1.4.1.311.21.10 is now accepted if it contains only extended key usage oids that are present in the actual extended key usage extension in the X.509v3 certificate being validated.

(TECT-359) Tectia Server Configuration GUI can be used to configure OCSP trusted mode (RFC5019, RFC6960) responder issuing CA certificate.

(TECT-367) Added new configuration option xauth-shell attribute that can be used specify the shell used to run xauth binary instead of the user shell in X11 forwarding.

(TECT-426) Tectia Server Logging improvements Certificate_validation_success and Certificate_validation_failure log also Subject name, Email and UPN Subject Alternative Names for X.509v3 certificates and Key ID and principals for OpenSSH certificates.

 

4. Bug fixes

The following fixes have been implemented in Tectia Server:

Bug fixes in 6.6.4

(TECT-1048) Fixed an issue with sft-server-g3 path handling in traditional and streaming mode SFTP.

(TECT-1043) Windows: Fixed an issue with Windows volumes mounted in NTFS when accessed over sftp.

(TECT-1041) Windows: Reduced the number of requests sent to Windows Domain Controller, this may have caused problems with setups where the Domain Controller doesn't have sufficient resources allocated for running it.

(TECT-1031) Linux/Unix: Fixed an issue with servant processes occasionally hanging and refusing new connections.

(TECT-1030) Windows: Fixed issues with how symlinks are handled.

(TECT-1029) Windows: Symlinks can be now again set as the user's virtual home directory.

(TECT-1026) Windows: Improved the input handling of UTF-8 characters.

(TECT-985) Fixed issues that caused ssh-servant-g3 process to leak memory.

 

Bug fixes in 6.6.3

(TECT-932) Unix: Fixed an issue with X11 forwarding that may have caused server to leak file descriptors due to xauth failure.

(TECT-862) Radius server timeout in configuration is now enforced across retransmissions so that failure is reported within 10 seconds by default.

(TECT-855) HSM hostkey configured via PKCS#11 provider can now be initialized with 'allow-reuse(yes)' to prevent failure after 'Apply' is clicked in Server Configuration GUI or upon 'ssh-server-ctl reload'. Previously, key exchange failed on "Host key algorithm negotiation failed."

(TECT-854) Windows: Improved the network share handling in SFTP. Previously during high load sft-server-g3 processes could hang during starting when server failed to cleanup logon session of old connections. The symptoms were first slowness in opening SFTP sessions leading to server host needing to be rebooted to recover.

(TECT-808) 'ssh-server-ctl reload' no longer fails to reload configuration if FIPS is enabled only by system-wide FIPSMODE without crypto-lib mode also specified in configuration. Previously, reload failed on "You have changed the Crypto Library mode (FIPS/normal)." even if the server was already in FIPS mode.

(TECT-671, TECT-638, TECT-347) Windows: Fixed multiple issues with virtual home directory that in 6.5 and previous 6.6 versions resulted in 'not a directory' or 'invalid virtual directory' errors during file transfers to an existing virtual folder. Improvements also when virtual root or custom directory is configured as the virtual home directory.

(TECT-649) Windows: Server Configuration GUI no longer fails to remove users from password cache. In 6.5 and previous 6.6 versions, only ssh-server-ctl could be used to remove users.

(TECT-551) Windows: Server Configuration GUI no longer fails to show saved CRL prefetch URL configuration(s).

(TECT-549) Windows: Fixed a Server Configuration GUI crash related to showing Password Cache under some specific conditions. Related to TECT-649.

(TECT-525) Windows: Standard input is now used instead of command-line parameters to send attributes to sft-server-g3. Previously SFTP channel open would fail if either excessive and/or long virtual folder paths were configured.

(TECT-937) AIX: Fixed a potential deadlock issue with user initialization that may cause servant to hang if OS group selector was used in Tectia Server configuration on AIX 7.2.

 

Bug fixes in 6.6.2

(TECT-782) Linux: Server configuration file errors during startup are now reported also to syslog when systemd is used.

(TECT-634) Server now expects secure shell client to send its version and initial KEXINIT packet within first seven seconds when connection is received or it disconnects the client with Login grace-time exceeded. Normal login grace time applies after that.

(TECT-641) Windows: Fixed a resource exhaustion issue where logon sessions were not always properly cleared after connection was closed.

(TECT-636) Fixed a race condition with configuration reload that could result in Tectia Server to fail to accept new connections.

(TECT-784) SELinux enabled Linux: Correct context type is now used for /var/opt/tectia.

 

Bug fixes in 6.6.1

(TECT-626) Windows: Attempt to overwrite a file on NFS no longer fails with an input/output error. Previously an SFTP client had to delete the file with the same name first before upload.

(TECT-609) Fixed a bug with Radius authentication in RHEL that prevented the use of said authentication method.

 

Bug fixes in 6.6.0

(TECT-564) Fixed an issue with OCSP certificate validation that may have resulted in Certificate_validation_failure with error time-interval-was-invalid even if valid CRL was available when check against OCSP responder failed.

(TECT-526) Certificate validator cache-size configuration parameter was increased to 300MB.

 

Bug fixes in 6.5.2

(TECT-536) SELinux enabled Linux: Fixed an issue with upgrading from 6.4.x version to 6.5.1. In 6.5.1 Upgrade would fail, if /tmp/ssh-server-g3 was not manually removed.

 

Bug fixes in 6.5.1

(TECT-108) Linux: Tectia Server ssh-server-ctl now uses systemd on RHEL 7, 8, SUSE 12 and SUSE 15 for stopping and starting the service.

Recommended commands 'systemctl [start|stop|restart|status] ssh-server-g3'

For configuration update 'ssh-server-ctl reload' that validates the ssh-server-config.xml configuration is recommended.

(TECT-347) Windows Server: Using relative paths to access virtual folders no longer fail if home directory is configured as virtual root.

(TECT-199) Linux: Tectia Server is now confined to sshd SELinux context on RHEL.

(TECT-174) Tectia Server Configuration GUI now allows only service rule command configurations that the server supports. If forced command is set, no other commands can be added to the group. If a group contains multiple allowed commands, forced commands can not be added or edited to the group.

(TECT-423) Tectia Server now checks file permissions of CA certificates configured as trust anchors for user certificate authentication.

(TECT-433) Tectia Server Configuration GUI no longer overwrites public key signature-algorithms in ssh-server-config.xml with default values.

(TECT-127) OpenSSL generated passphrase protected PKCS#8 key no longer fails to be decoded.

(TECT-310) Tectia Server Configuration GUI now supports name-regexp attribute for example in authentication selector instead of overwriting manually configured selectors like <user name-regexp="[[:alpha:]]{5}[[:digit:]]{3}" />.

(TECT-401) Customized tunnel (port forwarding) restrictions are now enforced correctly.

* In tunnel-remote 'listen' will match only when listener is being opened. The 'src' is not matched when listener is opened but only when tunnel is opened.

* New tunnel-remote 'disable-privilege-check' attribute defaults to 'no'. If not set, tunnel listener open will always perform privilege check, forbidding listener open for ports under 1024 unless user is privileged admin/root user.

* New Tunnel endpoint 'tunnel-src' and 'tunnel-dst' added for tunnel-local and tunnel-remote, conversely. These match the ssh client end IP address as seen by the server based on the tcp connection. The 'src' in tunnel-local, that matches the connection source as reported by the client, has not been changed.

(TECT-333) Tectia Server Configuration GUI no longer crashes if host certificate has critical extension BasicConstraints CA = FALSE.

(TECT-353) Tectia Server user login with certificate no longer fails if user-group attribute is defined in the same selector with certificate selectors.

(TECT-361) Tectia Server Logging Channel_outbound_statistics and Channel_inbound_statistics no longer log username as uninitialized.

(TECT-382) Windows: ssh-shell in Tectia Server no longer ignores input bytes with highest bit set. Multibyte characters are now shown correctly when logged in with sshg3.

 

5. Known Issues

The following issues are currently known to exist in Tectia SSH Server:

(FB #41772) Linux, RHEL6: ssh-servant-g3 processes can show large virtual memory allocation, in excess of one GB per process. This is due to thread arena allocation in libc 2.10 and later, included in RHEL 6.0, not because of memory leaks.

(FB #39681) Solaris: With exec-directly="no", csh on Solaris closes auditing file descriptors for sft-server-g3, effectively disabling logging with sftp. The recommended solution here is to use exec-directly="yes".

(FB #41617) Windows: Upgrade only recognizes versions 6.1 onwards.

(FB #36835) All platforms: Remote translation tables only work when the site command X=BIN is used. Local translation tables work as intended.

(FB #22991) AIX: Upgrading from version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally and restart the server after upgrade.

(FB #19541) Unix/Linux: When logged to the SSH Tectia Server, an executable will fail to start if any parent of the current working directory is not readable and relative paths are used to refer to the executable.

(FB #13818) All Platforms: The usage of IPv6 addresses in certificates is not yet supported.

(FB #14973) Linux: SSH Tectia Server must be stopped before upgrading from 6.2.0 as the newer ssh-server-ctl will not be able to stop the 6.2.0 server. Upgrades from any other version than 6.2.0 do not experience this issue.

(FB #9145) Windows: When installing Tectia Server on a platform that has more than 30 CPUs running Windows 2003 SP2, make sure that you have the proper Microsoft patches installed to not hit a Microsoft bug which will make your host unusable. For more information, see: http://support.microsoft.com/kb/2539164

(FB #9367) Windows: If the installation fails with error message "An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0- D845BAB35C93D}. HRESULT: 0x80070BC9" use Windows Update to install required operating system updates.

(FB #9106) AIX: Executables are now compiled in 64 bit. For PAM to work, the operating system should point to the 64-bit versions of PAM libraries instead of the 32-bit versions.

(FB #9530) All platforms: Extra checks are done when starting the Tectia Server and Connection Broker in the FIPS mode due to the OpenSSL FIPS cryptographic library health check. This will lead to a noticeable delay in the start of the process on slow machines.

(FB #8826) Windows: Users authenticated with a public key cannot access Network DFS shares that are in a different box than where the Tectia server is running. Workaround: Use password cache.

(FB #4699) AIX: Due to IBM's bug IZ02631, a servant may deadlock under heavy stress. IBM has a fix for AIX 5.3 and AIX 6.1.

(RQ #19164) Linux RedHat 3: The pam_krb5 module supplied with Red Hat Linux 3 will not work with Tectia Server when configured with pam-calls-with-commands=yes as pam_krb5 requires pam_authenticate() to be called before pam_setcred().

(RQ #19080) AIX: Authentication may fail for LDAP accounts when verifying login permissions. This is caused by an error in AIX system libraries when trying to retrieve password expiration information for an LDAP user and is addressed by IBM APAR IZ46727 (registration required): http://www-01.ibm.com/support/docview.wss?uid=isg1IZ46727

(RQ #18437) Windows: Tectia Server doesn't support other than ISO Latin 1 character sets in folder names for storing troubleshooting logs.

(RQ #18307) All platforms: The file transfer with WinSCP 3.6 might fail when the file transfer is resumed.

(RQ #18211) All platforms: If the server configuration has one or more selectors in the <connections> block listing specific ciphers, and the client does not match the selector, it is still allowed the default ciphers. This is because there is no implicit deny-rule in the <connections> block (the behavior is different from the <authentication-methods> block).

(RQ #18084) Unix: All installed Tectia products must be upgraded to 6.0.2 at the same time. If some packages are left to 6.0.1 or older version, they will stop working when the 6.0.2 common package is installed.

(RQ #17626) Windows: On Windows, Tectia Server does not support GW mode for connecting to other Secure Shell servers.

(RQ #17604) All platforms: Files larger then 4GB cannot be transferred to or from Tectia Server when using the old OpenSSH 'scp' command. Workaround: The files can be transferred using scpg3 or sftpg3.

(RQ #17271) Solaris x86-64: RSA SecurID cannot be used with Tectia Server on Solaris x86-64, because RSA SecurID offers only a 32-bit PAM library. Tectia Server expects a 64-bit pam_securid.so.

(RQ #17170) Solaris 10: Tectia Server and the FTP/SFTP conversion component of Tectia Client with EFT Expansion Pack need to be uninstalled separately from each local zone, if they have been installed to all zones by installing into the global zone.

(RQ #17055) Solaris: Installation packages do not detect the underlying Solaris architecture to prevent installation of the x86-64 packages on x86 architecture. The packages can be installed but they will not work.

(RQ #16986) Windows: SFTP 'chmod' command is not supported against Tectia Server running on Windows.

(RQ #16410) Solaris 10: Tectia Server and the FTP-SFTP conversion component of Tectia ConnectSecure need to be uninstalled separately from each local zone, if they got installed to all zones by installing into the global zone.

(RQ #16342) All platforms: OpenSSH keys are not accepted as host keys, when running the server in FIPS mode.

(RQ #16285) AIX: When trying to log in to an AIX server using an account which has an expired password, the client returns the following error message: "Request exec channel error: Disconnected by application." The reason for the disconnection is, however, logged correctly in the server's log.

(RQ #16080) Windows: The Server reports a "Wrong password" message to the event log even though the correct password is given, but the account has expired.

(RQ #15976) Windows: Users without administrator rights cannot use file transfer with the default Windows 2003 ACL settings.

(RQ #15973) All platforms: The certificate validation path construction from LDAP fails, if the LDAP server requires suffix ';binary' for the PKI binary blob attribute names.

(RQ #15874) Linux: If a user account has expired, the Server incorrectly asks the user to change the password and then denies login.

(RQ #15819) Solaris: Quality checks for password changes (e.g. password length, characters etc.) enforced by PAM will only be enforced when using PAM authentication. When changing passwords via forced commands (i.e. when using authentication methods other than keyboard-interactive PAM), the Tectia Server will not enforce PAM-related password quality checks.

(RQ #15807) Windows: If a non-admin user tries to start the server, the server reports error message "Failed to access service manager".

(RQ #15711) Windows: All well-known security identifiers ('Everyone' and'Authenticated Users', for instance) are not shown in the Tectia Server Configuration GUI's directory object picker when browsing groups for a selector.

(RQ #15627) Unix: Currently it is not possible to allow X11 forwarding when terminal connections are denied.

(RQ #15393) Windows: Installing PGP Desktop 9.5.2 and Tectia Server on the same Windows machine will cause the one installed earlier not to work.

(RQ #15228) All platforms: File transfers of files larger than 4kb using Net:SFTP and Net::SSH::Perl fail against Tectia Server. Workaround is documented at http://www.cpanforum.com/threads/2092. The workaround involves lowering the value of COPY_SIZE in the SFTP.pm perl module from 8192 to 4063 or lower.

(RQ #15016) HP-UX: Shadow passwords are not supported on HP-UX when using the password authentication method. Shadow passwords can be used on HP-UX only with keyboard-interactive PAM authentication, with the appropriate PAM configuration.

(RQ #14973) Windows: The Server reports "Wrong password" message to the event log even though the correct password is given, if the account is locked.

(RQ #14762) Windows: Currently it is not possible to see and select Active Directory universal groups in the User Group Selector dialog of the configuration tool GUI. However, universal groups can be used as selectors if those are entered manually to the user group selector name field.

(RQ #14259) AIX: The Server hangs after a few authentication tries when the following value is set in the /etc/security/user file: SYSTEM='KRB5Files or compat' The Server does not hang when the value is set to: SYSTEM='compat'

(RQ #14039) Windows: Using rsync with Cygwin OpenSSH against Tectia Server fails when using public-key authentication.

(RQ #12576) HP-UX 11.11: Attempting GSSAPI authentication can cause the auths-gssapi-userproc-krb process to consume CPU and not exit after the client disconnects. The GSSAPI authentication will be enabled if no configuration file is found or if specifically enabled in the server configuration. The HP-UX patch PHSS_35381 fixes this issue. GSSAPI needs to be disabled in the server configuration, if installing the patch is not an option.

(RQ #12517) Unix: Canceling user authentication when Tectia Server has been configured with keyboard-interactive authentication method, causes authentication to fail with "Server responded 'Unexpected response packet'".

(RQ #11836) All platforms: After changing the password on a Secure Shell server, but before logging in with the new password, either the Connection Broker must be restarted to close the previous connection, or the user must wait for the connection to time out (by default 5 seconds). If this is not done, login with the new password will not succeed.

 

 

6. Further Information

More information can be found on the Tectia man pages and manuals. Tectia manuals are also available from https://www.ssh.com/manuals/

Additional licenses can be purchased by contacting sales at https://www.ssh.com/ 

1. About This Release

The 6.6 release of Tectia Server is declared Long Term Supported (LTS),  and it is supported for 3 years from the release date of 6.6.2. The latest support end dates for Tectia Client/Server are available at: https://www.ssh.com/products/support/end-of-support

The 6.6.3 release is available for AIX (POWER), HP-UX (IA-64 and PA-RISC), Solaris (SPARC and x86-64), Linux (x86-64) and Windows (x86-64) platforms.

PQC algorithms supported only on AIX, Solaris, Linux and Windows.

Special items for 6.6 release are:

  • Tectia Quantum Safe Edition with multiple PQC hybrid key exchange algorithms

  • Added support for Ubuntu, Debian, Rocky (Linux) platforms

  • Improvements to certificate validation

  • FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows

  • Removed ETM MAC algorithms from the defaults

  • Deprecation of DSA signature algorithms from the defaults

  • Deprecation of SHA-1 algorithms from the defaults

We recommend uninstalling any SSH Secure Shell and SSH Tectia 4.x products, and on Windows also SSH Tectia 6.0.x or older, before installing SSH Tectia 6.6 products.

For the installation instructions, refer to the Tectia Server Administrator Manual.

 

2. Important Changes

Important changes in 6.6.3

(TECT-981) The hmac-sha2-256-etm@openssh.com and hmac-sha2-512-etm@openssh.com MAC algorithms are no longer included in the defaults. Also the strict KEX mitigation to low impact CVE-2023-48795 has been implemented. Please note that also the Secure Shell client needs to support the strict KEX.

(TECT-944) Hostkey generation now by default does not prompt for a passphase. In FIPS mode random passphrase is stored in hostkey.pass file and in non-FIPS mode an empty passphrase is assumed.

(TECT-740) FIPS module has been updated to OpenSSL 3.0.8 in Solaris, Linux and Windows.

(TECT-968) In FIPS mode diffie-hellman-group-exchange-sha256 (DH-GEX-SHA256) and other Group Exchange (GEX) methods are now disabled in Key Exchange (KEX) to comply with FIPS 140-2 NIST SP 800-56Ar3 requirement of using standard Modular Exponential (MODP) Diffie-Hellman groups such as diffie-hellman-group18-sha512.

Customers using FIPS should verify that their Tectia configurations do not contain Group Exchange (GEX) methods. Tectia Server will refuse to start in FIPS mode after upgrade with "Failed to set kex" error if configuration requires any diffie-hellman-group-exchange-* (DH-GEX-*) algorithms.

(TECT-892) AES-GCM is now preferred over AES-CTR in default configurations.

(TECT-824) Added official support for Rocky Linux (8 and 9), Ubuntu (18.04, 20.04 and 22.04) and Debian GNU/Linux (11 and 12) platforms.

3. New Features

The following new features have been implemented in Tectia Server:

New features in 6.6.3

(TECT-947) - PKCS#11 external hostkey can be now advertised in hostkey rotation. Added also support for advertise(yes) and advertise_tectia_only(yes) in init string.

(TECT-943) - ssh-keygen-g3 tool: Improved passphrase handling. Now if --random-pass option is used when generating a new key, the private key is protected with a BASE64 encoded passphrase and the path to <file>.pass is shown in the output. Added option --prompt-pass to prompt the passphrase in --hostkey mode.

(TECT-896) - Added maximum unauthenticated connection limits configuration options that can be enabled to balance the connection load on systems with resource constraints.

(TECT-895) - Minor improvement with SSH2_MSG_EXT_INFO packet sending during authentication to prevent some 3rd party clients from sporadically disconnecting due to the client's incorrect handling of the potential SSH_MSG_IGNORE packet

(TECT-891) - Improved SFTP subsystem debugging. Now 'sftpdebug' directs debug output to servant and disables standard error. Use 'sftpstderrdebug' to direct standard error to the client. Also added 'debug' and 'debug-file' attributes to server configuration.

(TECT-940) - SFTP server audit messages are now formatted in the same way as the other server audit log messages.

(TECT-878) - Performance profiling for currently running server. Intended for better problem diagnostics with the help of SSH support. Obtain performance measurements with 'ssh-server-ctl performance show' command.

(TECT-512) - Windows: Added support for directory symlinks in SFTP.

(TECT-178) - SFTP download and upload restrictions can now be enforced in server configuration file. Added sftp subsystem attribute 'disable' to disallow 'write', 'read' and/or 'update' file operations, 'streaming' to use traditional SFTP instead of streaming, 'intrusive' to disallow rename, remove, mkdir, rmdir, setstat,  symlink operations and 'dirlist' (directory listing) and 'mmclist' (MVS master catalog listing).

4. Bug fixes

The following fixes have been implemented in Tectia Server:

Bug fixes in 6.6.3

(TECT-932) - Unix: Fixed an issue with X11 forwarding that may have caused server to leak file descriptors due to xauth failure.

(TECT-862) - Radius server timeout in configuration is now enforced across retransmissions so that failure is reported within 10 seconds by default.

(TECT-855) - HSM hostkey configured via PKCS#11 provider can now be initialized with 'allow-reuse(yes)' to prevent failure after 'Apply' is clicked in Server Configuration GUI or upon 'ssh-server-ctl reload'. Previously, key exchange failed on "Host key algorithm negotiation failed."

(TECT-854) - Windows: Improved the network share handling in SFTP. Previously during high load sft-server-g3 processes could hang during starting when server failed to cleanup logon session of old connections. The symptoms were first slowness in opening SFTP sessions leading to server host needing to be rebooted to recover.

(TECT-808) - 'ssh-server-ctl reload' no longer fails to reload configuration if FIPS is enabled only by system-wide FIPSMODE without crypto-lib mode also specified in configuration. Previously, reload failed on "You have changed the Crypto Library mode (FIPS/normal)." even if the server was already in FIPS mode.

(TECT-671, TECT-638, TECT-347) - Windows: Fixed multiple issues with virtual home directory that in 6.5 and previous 6.6 versions resulted in 'not a directory' or 'invalid virtual directory' errors during file transfers to an existing virtual folder. Improvements also when virtual root or custom directory is configured as the virtual home directory.

(TECT-649) - Windows: Server Configuration GUI no longer fails to remove users from password cache. In 6.5 and previous 6.6 versions, only ssh-server-ctl could be used to remove users.

(TECT-551) - Windows: Server Configuration GUI no longer fails to show saved CRL prefetch URL configuration(s).

(TECT-549) - Windows: Fixed a Server Configuration GUI crash related to showing Password Cache under some specific conditions. Related to TECT-649.

(TECT-525) - Windows: Standard input is now used instead of command-line parameters to send attributes to sft-server-g3. Previously SFTP channel open would fail if either excessive and/or long virtual folder paths were configured.

5. Known Issues

The following issues are currently known to exist in Tectia SSH Server:

(FB #41772) - Linux, RHEL6: ssh-servant-g3 processes can show large virtual memory allocation, in excess of one GB per process. This is due to thread arena allocation in libc 2.10 and later, included in RHEL 6.0, not because of memory leaks.

(FB #39681) - Solaris: With exec-directly="no", csh on Solaris closes auditing file descriptors for sft-server-g3, effectively disabling logging with sftp. The recommended solution here is to use exec-directly="yes".

(FB #41617) - Windows: Upgrade only recognizes versions 6.1 onwards.

(FB #36835) - All platforms: Remote translation tables only work when the site command X=BIN is used. Local translation tables work as intended.

(FB #22991) - AIX: Upgrading from version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally and restart the server after upgrade.

(FB #19541) - Unix/Linux: When logged to the SSH Tectia Server, an executable will fail to start if any parent of the current working directory is not readable and relative paths are used to refer to the executable.

(FB #13818) - All Platforms: The usage of IPv6 addresses in certificates is not yet supported.

(FB #14973) - Linux: SSH Tectia Server must be stopped before upgrading from 6.2.0 as the newer ssh-server-ctl will not be able to stop the 6.2.0 server. Upgrades from any other version than 6.2.0 do not experience this issue.

(FB #9145) - Windows: When installing Tectia Server on a platform that has more than 30 CPUs running Windows 2003 SP2, make sure that you have the proper Microsoft patches installed to not hit a Microsoft bug which will make your host unusable.

For more information, see: http://support.microsoft.com/kb/2539164

(FB #9367) - Windows: If the installation fails with error message "An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BAB35C93D}. HRESULT: 0x80070BC9" use Windows Update to install required operating system updates.

(FB #9106) - AIX: Executables are now compiled in 64 bit. For PAM to work, the operating system should point to the 64-bit versions of PAM libraries instead of the 32-bit versions.

(FB #9530) - All platforms: Extra checks are done when starting the Tectia Server and Connection Broker in the FIPS mode due to the OpenSSL FIPS cryptographic library health check. This will lead to a noticeable delay in the start of the process on slow machines.

(FB #8826) - Windows: Users authenticated with a public key cannot access Network DFS shares that are in a different box than where the Tectia server is running. Workaround: Use password cache.

(FB #4699) - AIX: Due to IBM's bug IZ02631, a servant may deadlock under heavy stress. IBM has a fix for AIX 5.3 and AIX 6.1.

(RQ #19164) - Linux RedHat 3: The pam_krb5 module supplied with Red Hat Linux 3 will not work with Tectia Server when configured with pam-calls-with-commands=yes as pam_krb5 requires pam_authenticate() to be called before pam_setcred().

(RQ #19080) - AIX: Authentication may fail for LDAP accounts when verifying login permissions. This is caused by an error in AIX system libraries when trying to retrieve password expiration information for an LDAP user and is addressed by IBM APAR IZ46727 (registration required): http://www-01.ibm.com/support/docview.wss?uid=isg1IZ46727

(RQ #18437) - Windows: Tectia Server doesn't support other than ISO Latin 1 character sets in folder names for storing troubleshooting logs.

(RQ #18307) - All platforms: The file transfer with WinSCP 3.6 might fail when the file transfer is resumed.

(RQ #18211) - All platforms: If the server configuration has one or more selectors in the <connections> block listing specific ciphers, and the client does not match the selector, it is still allowed the default ciphers. This is because there is no implicit deny-rule in the <connections> block (the behavior is different from the <authentication-methods> block).

(RQ #18084) - Unix: All installed Tectia products must be upgraded to 6.0.2 at the same time.  If some packages are left to 6.0.1 or older version, they will stop working when the 6.0.2 common package is installed.

(RQ #17626) - Windows: On Windows, Tectia Server does not support GW mode for connecting to other Secure Shell servers.

(RQ #17604) - All platforms: Files larger then 4GB cannot be transferred to or from Tectia Server when using the old OpenSSH 'scp' command. Workaround: The files can be transferred using scpg3 or sftpg3.

(RQ #17271) - Solaris x86-64: RSA SecurID cannot be used with Tectia Server on Solaris x86-64, because RSA SecurID offers only a 32-bit PAM library. Tectia Server expects a 64-bit pam_securid.so.

(RQ #17170) - Solaris 10: Tectia Server and the FTP/SFTP conversion component of Tectia Client with EFT Expansion Pack need to be uninstalled separately from each local zone, if they have been installed to all zones by installing into the global zone.

(RQ #17055) - Solaris: Installation packages do not detect the underlying Solaris architecture to prevent installation of the x86-64 packages on x86 architecture. The packages can be installed but they will not work.

(RQ #16986) - Windows: SFTP 'chmod' command is not supported against Tectia Server running on Windows.

(RQ #16410) - Solaris 10: Tectia Server and the FTP-SFTP conversion component of Tectia ConnectSecure need to be uninstalled separately from each local zone, if they got installed to all zones by installing into the global zone.

(RQ #16342) - All platforms: OpenSSH keys are not accepted as host keys, when running the server in FIPS mode.

(RQ #16285) - AIX: When trying to log in to an AIX server using an account which has an expired password, the client returns the following error message: "Request exec channel error: Disconnected by application." The reason for the disconnection is, however, logged correctly in the server's log.

(RQ #16080) - Windows: The Server reports a "Wrong password" message to the event log even though the correct password is given, but the account has expired.

(RQ #15976) - Windows: Users without administrator rights cannot use file transfer with the default Windows 2003 ACL settings.

(RQ #15973) - All platforms: The certificate validation path construction from LDAP fails, if the LDAP server requires suffix ';binary' for the PKI binary blob attribute names.

(RQ #15874) - Linux: If a user account has expired, the Server incorrectly asks the user to change the password and then denies login.

(RQ #15819) - Solaris: Quality checks for password changes (e.g. password length, characters etc.) enforced by PAM will only be enforced when using PAM authentication. When changing passwords via forced commands (i.e. when using authentication methods other than keyboard-interactive PAM), the Tectia Server will not enforce PAM-related password quality checks.

(RQ #15807) - Windows: If a non-admin user tries to start the server, the server reports error message "Failed to access service manager".

(RQ #15711) - Windows: All well-known security identifiers ('Everyone' and 'Authenticated Users', for instance) are not shown in the Tectia Server Configuration GUI's directory object picker when browsing groups for a selector.

(RQ #15627) - Unix: Currently it is not possible to allow X11 forwarding when terminal connections are denied.

(RQ #15393) - Windows: Installing PGP Desktop 9.5.2 and Tectia Server on the same Windows machine will cause the one installed earlier not to work.

(RQ #15228) - All platforms: File transfers of files larger than 4kb using Net:SFTP and Net::SSH::Perl fail against Tectia Server. Workaround is documented at http://www.cpanforum.com/threads/2092. The workaround involves lowering the value of COPY_SIZE in the SFTP.pm perl module from 8192 to 4063 or lower.

(RQ #15016) - HP-UX: Shadow passwords are not supported on HP-UX when using the password authentication method. Shadow passwords can be used on HP-UX only with keyboard-interactive PAM authentication, with the appropriate PAM configuration.

(RQ #14973) - Windows: The Server reports "Wrong password" message to the event log even though the correct password is given, if the account is locked.

(RQ #14762) - Windows: Currently it is not possible to see and select Active Directory universal groups in the User Group Selector dialog of the configuration tool GUI. However, universal groups can be used as selectors if those are entered manually to the user group selector name field.

(RQ #14259) - AIX: The Server hangs after a few authentication tries when the following value is set in the /etc/security/user file: SYSTEM='KRB5Files or compat'

The Server does not hang when the value is set to: SYSTEM='compat'

(RQ #14039) - Windows: Using rsync with Cygwin OpenSSH against Tectia Server fails when using public-key authentication.

(RQ #12576) - HP-UX 11.11: Attempting GSSAPI authentication can cause the auths-gssapi-userproc-krb process to consume CPU and not exit after the client disconnects. The GSSAPI authentication will be enabled if no configuration file is found or if specifically enabled in the server configuration. The HP-UX patch PHSS_35381 fixes this issue. GSSAPI needs to be disabled in the server configuration, if installing the patch is not an option.

(RQ #12517) - Unix: Canceling user authentication when Tectia Server has been configured with keyboard-interactive authentication method, causes authentication to fail with "Server responded 'Unexpected response packet'".

(RQ #11836) - All platforms: After changing the password on a Secure Shell server, but before logging in with the new password, either the Connection Broker must be restarted to close the previous connection, or the user must wait for the connection to time out (by default 5 seconds). If this is not done, login with the new password will not succeed.

 

6. Further Information

More information can be found on the Tectia man pages and manuals. Tectia manuals are also available from https://www.ssh.com/manuals/

Additional licenses can be purchased by contacting sales at https://www.ssh.com/ 

1. About This Release

The 6.6 release of Tectia Server is declared Long Term Supported (LTS), and it is supported for 3 years from the release date of 6.6.2.

The latest support end dates for Tectia Client/Server are available here.

The 6.6.2 release is available for AIX (POWER), HP-UX (IA-64 and PA-RISC), Solaris (SPARC and x86-64), Linux (x86-64) and Windows (x86-64) platforms. PQC algorithms supported only on AIX, Solaris, Linux and Windows.

Special items for 6.6 release are:

  • Tectia Quantum Safe Edition with multiple PQC hybrid key exchange algorithms
  • Improvements to certificate validation
  • FIPS module has been updated to OpenSSL 3.0 in Solaris, Linux and Windows
  • Deprecation of DSA signature algorithms from the defaults
  • Deprecation of SHA-1 algorithms from the defaults

We recommend uninstalling any SSH Secure Shell and SSH Tectia 4.x products, and on Windows also SSH Tectia 6.0.x or older, before installing SSH Tectia 6.6 products.

For the installation instructions, refer to the Tectia Server Administrator Manual here.

 

2. Important Changes

(TECT-718) DSA has been deprecated and is no longer included in default values of host key algorithms nor public-key signature algorithms. We strongly recommend to use any other supported hostkey algorithm and signature algorithm instead for host keys and user keys.

CAUTION: Connections will fail with "Key exchange failed" and "Host key algorithm negotiation failed" errors after upgrade if Tectia Server has a DSA host key as the only identity and the ssh-server-config.xml does not explicitly allow using deprecated DSA algoritm(s) such as ssh-dss-sha256@ssh.com.

It is recommended to generate a new RSA of 3072-bit or higher and/or Elliptic Curve keys (ECDSA or Edwards Curve) and to replace the old DSA host key. To manually rotate the host key to avoid changed hostkey warnings on client-side, please see Appendix "Changing the Host Key of Tectia Server" in Admin Manual.

(TECT-722) During upgrade on Unix platforms, a new default RSA host key /etc/ssh2/hostkey is automatically generated if the current default host key is a DSA key. After upgrade, the old DSA host key /etc/ssh2/hostkey_dsa_old can be manually enabled as an additional identity if needed. Please see ssh-server-config-example.xml. 

On Windows, it is recommended to rename the default <INSTALLDIR>\hostkey if it is a DSA host key before upgrade so that installation will generate a new default RSA host key. After install, a new hostkey can be generated, for example on Tectia Server Configuraiton GUI Identity page if needed.

(TECT-566) Using OpenSSL 3.0 FIPS container for Solaris, Linux and Windows. RSA, ECDSA and Ed25519 keys are supported in FIPS mode. New DSA keys cannot be generated with Server Configuration GUI. If needed, 3072 or 2048 bit DSA keys can be generated with ssh-keygen-g3 --fips-mode.

(TECT-655) PQC algorithm support for Solaris as a part of the Tectia Quantum Safe Edition.

(TECT-663) Solaris installation packages are now 64-bit.

(TECT-721) Tectia Server now uses SHA-2 algorithm in hostbased authentication, and therefore it does not interoperate with old clients if hostbased authentication is enabled as a user authentication method. It is recommended to upgrade both the client-side and server-side to the latest Tectia version if hostbased authentication is used in the environment.

 

3. New Features

(TECT-743) Tectia Quantum Safe Edition: Added a new PQC hybrid KEX algorithm curve448-kyber1024-sha512@ssh.com that is supported when FIPS mode is enabled.

(TECT-738) Tectia Server now logs information about its current host key(s) when starting or reloading configuration in new Server_hostkey message including the key type and length, fingerprints as Babble, RFC4716 and SHA-256 making it easier to identify for example servers with deprecated DSA host keys from syslog or Event Log and tracking changed host keys.

(TECT-672) Connection-specific protocol algorithm information for example KEX, MAC and Cipher are now available as blackboard fields. Blackboard also now supports banner-message for sending additional messages during user authentication.

(TECT-676) The selector publickey-passed for authentication chains now has "type" attribute, making it easier to log usage or deny smaller keys or undesired user key types.

(TECT-706) Improvements to the additional External Mapper that can be now chrooted and run as non-privileged mapper user. Also any errors from the custom mapper script are now more easily available in Rule_engine_warning log messages.

 

4. Bug Fixes

(TECT-782) Linux: Server configuration file errors during startup are now reported also to syslog when systemd is used.

(TECT-634) Server now expects secure shell client to send its version and initial KEXINIT packet within first seven seconds when connection is received or it disconnects the client with Login grace-time exceeded. Normal login grace time applies after that.

(TECT-641) Windows: Fixed a resource exhaustion issue where logon sessions were not always properly cleared after connection was closed.

(TECT-636) Fixed a race condition with configuration reload that could result in Tectia Server to fail to accept new connections.

(TECT-784) SELinux enabled Linux: Correct context type is now used for /var/opt/tectia.

 

5. Known Issues

The following issues are currently known to exist in Tectia SSH Server:

(TECT-347) In Windows Server virtual folders are incorrectly resolved, if the users home directory is a virtual folder.

Workaround: Specify commands to use the real path to Windows directories instead of the virtual directories when home directory is a virtual folder.

(FB #41772) Linux, RHEL6: ssh-servant-g3 processes can show large virtual memory allocation, in excess of one GB per process. This is due to thread arena allocation in libc 2.10 and later, included in RHEL 6.0, not because of memory leaks.

(FB #39681) Solaris: With exec-directly="no", csh on Solaris closes auditing file descriptors for sft-server-g3, effectively disabling logging with sftp. The recommended solution here is to use exec-directly="yes".

(FB #41617) Windows: Upgrade only recognizes versions 6.1 onwards.

(FB #36835) All platforms: Remote translation tables only work when the site command X=BIN is used. Local translation tables work as intended.

(FB #22991) AIX: Upgrading from version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally and restart the server after upgrade.

(FB #19541) Unix/Linux: When logged to the SSH Tectia Server, an executable will fail to start if any parent of the current working directory is not readable and relative paths are used to refer to the executable.

(FB #13818) All Platforms: The usage of IPv6 addresses in certificates is not yet supported.

(FB #14973) Linux: SSH Tectia Server must be stopped before upgrading from 6.2.0 as the newer ssh-server-ctl will not be able to stop the 6.2.0 server. Upgrades from any other version than 6.2.0 do not experience this issue.

(FB #9145) Windows: When installing Tectia Server on a platform that has more than 30 CPUs running Windows 2003 SP2, make sure that you have the proper Microsoft patches installed to not hit a Microsoft bug which will make your host unusable.

For more information, see: http://support.microsoft.com/kb/2539164

(FB #10425) Unix: if OpenSSL 0.9.8 is installed on the host where Tectia Server is installed, it may fail when using PAM with software that uses that OpenSSL library.

Workaround if FIPS is not used: Rename the libcrypto.so.0.9.8 existent under /opt/tectia/sshlib to another name (note that this will make FIPS mode unusable).

(FB #9367) Windows: If the installation fails with error message "An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BAB35C93D}. HRESULT: 0x80070BC9" use Windows Update to install required operating system updates.

(FB #9106) AIX: Executables are now compiled in 64 bit. For PAM to work, the operating system should point to the 64-bit versions of PAM libraries instead of the 32-bit versions.

(FB #9530) All platforms: Extra checks are done when starting the Tectia Server and Connection Broker in the FIPS mode due to the OpenSSL FIPS cryptographic library health check. This will lead to a noticeable delay in the start of the process on slow machines.

(FB #8826) Windows: Users authenticated with a public key cannot access Network DFS shares that are in a different box than where the Tectia server is running.

Workaround: Use password cache.

(FB #4699) AIX: Due to IBM's bug IZ02631, a servant may deadlock under heavy stress. IBM has a fix for AIX 5.3 and AIX 6.1.

(FB #4705) Linux SE: If the common package is installed with SElinux disabled, the following warning message will be given during the installation:

  •    /usr/bin/chcon: can't apply partial context to unlabeled file
  •    /opt/tectia/lib/shlib/libicudata.so.40
  •    /usr/bin/chcon: can't apply partial context to unlabeled file
  •    /opt/tectia/lib/shlib/libicuuc.so.40

This can be safely ignored. However, if the SElinux enforcing is enabled after the installation, the following command needs to be executed:

  •    /usr/bin/chcon -t textrel_shlib_t /opt/tectia/lib/shlib/*.so

(RQ #19164) Linux RedHat 3: The pam_krb5 module supplied with Red Hat Linux 3 will not work with Tectia Server when configured with pam-calls-with-commands=yes as pam_krb5 requires pam_authenticate() to be called before pam_setcred().

(RQ #19080) AIX: Authentication may fail for LDAP accounts when verifying login permissions. This is caused by an error in AIX system libraries when trying to retrieve password expiration information for an LDAP user and is addressed by IBM APAR IZ46727 (registration required):

  •    http://www-01.ibm.com/support/docview.wss?uid=isg1IZ46727

(RQ #18437) Windows: Tectia Server doesn't support other than ISO Latin 1 character sets in folder names for storing troubleshooting logs.

(RQ #18307) All platforms: The file transfer with WinSCP 3.6 might fail when the file transfer is resumed.

(RQ #18211) All platforms: If the server configuration has one or more selectors in the <connections> block listing specific ciphers, and the client does not match the selector, it is still allowed the default ciphers. This is because there is no implicit deny-rule in the <connections> block (the behavior is different from the <authentication-methods> block).

(RQ #18084) Unix: All installed Tectia products must be upgraded to 6.0.2 at the same time. If some packages are left to 6.0.1 or older version, they will stop working when the 6.0.2 common package is installed.

(RQ #17626) Windows: On Windows, Tectia Server does not support GW mode for connecting to other Secure Shell servers.

(RQ #17604) All platforms: Files larger then 4GB cannot be transferred to or from Tectia Server when using the old OpenSSH 'scp' command.

Workaround: The files can be transferred using scpg3 or sftpg3.

(RQ #17271) Solaris x86-64: RSA SecurID cannot be used with Tectia Server on Solaris x86-64, because RSA SecurID offers only a 32-bit PAM library. Tectia Server expects a 64-bit pam_securid.so.

(RQ #17170) Solaris 10: Tectia Server and the FTP/SFTP conversion component of Tectia Client with EFT Expansion Pack need to be uninstalled separately from each local zone, if they have been installed to all zones by installing into the global zone.

(RQ #17055) Solaris: Installation packages do not detect the underlying Solaris architecture to prevent installation of the x86-64 packages on x86 architecture. The packages can be installed but they will not work.

(RQ #16986) Windows: SFTP 'chmod' command is not supported against Tectia Server running on Windows.

(RQ #16410) Solaris 10: Tectia Server and the FTP-SFTP conversion component of Tectia ConnectSecure need to be uninstalled separately from each local zone, if they got installed to all zones by installing into the global zone.

(RQ #16342) All platforms: OpenSSH keys are not accepted as host keys, when running the server in FIPS mode.

(RQ #16285) AIX: When trying to log in to an AIX server using an account which has an expired password, the client returns the following error message: "Request exec channel error: Disconnected by application." The reason for the disconnection is, however, logged correctly in the server's log.

(RQ #16080) Windows: The Server reports a "Wrong password" message to the event log even though the correct password is given, but the account has expired.

(RQ #15976) Windows: Users without administrator rights cannot use file transfer with the default Windows 2003 ACL settings.

(RQ #15973) All platforms: The certificate validation path construction from LDAP fails, if the LDAP server requires suffix ';binary' for the PKI binary blob attribute names.

(RQ #15874) Linux: If a user account has expired, the Server incorrectly asks the user to change the password and then denies login.

(RQ #15819) Solaris: Quality checks for password changes (e.g. password length, characters etc.) enforced by PAM will only be enforced when using PAM authentication. When changing passwords via forced commands (i.e. when using authentication methods other than keyboard-interactive PAM), the Tectia Server will not enforce PAM-related password quality checks.

(RQ #15807) Windows: If a non-admin user tries to start the server, the server reports error message "Failed to access service manager".

(RQ #15711) Windows: All well-known security identifiers ('Everyone' and 'Authenticated Users', for instance) are not shown in the Tectia Server Configuration GUI's directory object picker when browsing groups for a selector.

(RQ #15627) Unix: Currently it is not possible to allow X11 forwarding when terminal connections are denied.

(RQ #15393) Windows: Installing PGP Desktop 9.5.2 and Tectia Server on the same Windows machine will cause the one installed earlier not to work.

(RQ #15228) All platforms: File transfers of files larger than 4kb using Net:SFTP and Net::SSH::Perl fail against Tectia Server.

Workaround is documented at http://www.cpanforum.com/threads/2092. The workaround involves lowering the value of COPY_SIZE in the SFTP.pm perl module from 8192 to 4063 or lower.

(RQ #15016) HP-UX: Shadow passwords are not supported on HP-UX when using the password authentication method. Shadow passwords can be used on HP-UX only with keyboard-interactive PAM authentication, with the appropriate PAM configuration.

(RQ #14973) Windows: The Server reports "Wrong password" message to the event log even though the correct password is given, if the account is locked.

(RQ #14762) Windows: Currently it is not possible to see and select Active Directory universal groups in the User Group Selector dialog of the configuration tool GUI. However, universal groups can be used as selectors if those are entered manually to the user group selector name field.

(RQ #14672) All platforms: It is possible to generate all lengths of RSA/DSA keys in FIPS mode, although the Tectia Client/Server software will only accept keys compliant with FIPS.

(RQ #14259) AIX: The Server hangs after a few authentication tries when the following value is set in the /etc/security/user file:

  • SYSTEM='KRB5Files or compat'

The Server does not hang when the value is set to:

  • SYSTEM='compat'

(RQ #14039) Windows: Using rsync with Cygwin OpenSSH against Tectia Server fails when using public-key authentication.

(RQ #12576) HP-UX 11.11: Attempting GSSAPI authentication can cause the auths-gssapi-userproc-krb process to consume CPU and not exit after the client disconnects. The GSSAPI authentication will be enabled if no configuration file is found or if specifically enabled in the server configuration. The HP-UX patch PHSS_35381 fixes this issue. GSSAPI needs to be disabled in the server configuration, if installing the patch is not an option.

(RQ #12517) Unix: Canceling user authentication when Tectia Server has been configured with keyboard-interactive authentication method, causes authentication to fail with "Server responded 'Unexpected response packet'".

(RQ #11836) All platforms: After changing the password on a Secure Shell server, but before logging in with the new password, either the Connection Broker must be restarted to close the previous connection, or the user must wait for the connection to time out (by default 5 seconds). If this is not done, login with the new password will not succeed.

 

6. Further Information

More information can be found on the Tectia pages and in Tectia manuals. Tectia manuals are available here.

Additional licenses can be purchased by contacting SSH sales.

Tectia Server 6.6.1: Release Notes

Table of Contents

1. Important Changes
2. New features
3. Bug fixes

 

1. Important Changes

(TECT-619) Increased default RSA and DSA key size from 2048 bits to 3072 bits and ECDSA from 256 bits to 384 bits. These changes reflect the new minimum values recommended by us for these authentication keys.

(TECT-614) NIST has chosen CRYSTALS-Kyber. Following this decision we have decided to remove SABER from the defaults. However, SABER still remains supported and the PQC hybrid KEX ecdh-nistp521-firesaber-sha512@ssh.com can be enabled in configuration.

You can find more information here.

The new PQC hybrid KEX defaults are:

  •  ecdh-nistp521-kyber1024-sha512@ssh.com
  •  curve25519-frodokem1344-sha512@ssh.com
  •  sntrup761x25519-sha512@openssh.com

 

2. New Features

(TECT-611) Added Red Hat Enterprise Linux 9 as a supported installation platform.

(TECT-629) Added support for ncurses 6, which removes the previous dependency for libncurses compat libraries.

 

3. Bug Fixes

(TECT-626) Windows: Attempt to overwrite a file on NFS no longer fails with an input/output error. Previously an SFTP client had to delete the file with the same name first before upload.

(TECT-609) Fixed a bug with Radius authentication in RHEL that prevented the use of said authentication method.

 

1. About This Release

The 6.6 release of Tectia Server is declared a Feature Release, and it is supported for 3 years since the release date of 6.6.0. The latest support end dates for Tectia Client/Server are available at: https://www.ssh.com/products/support/end-of-support

This release is based on Tectia Server 6.5.2. Items addressed in this release are listed under the "6.6.0" section.

The 6.6.0 release is available for Linux, AIX, and Windows on x86-64 platforms.

Special items for this release are:

  • Tectia Quantum-Safe Edition with multiple PQC hybrid key exchange algorithms
  • Improvements to certificate validation

We recommend uninstalling any SSH Secure Shell and SSH Tectia 4.x products, and on Windows also SSH Tectia 6.0.x or older, before installing SSH Tectia 6.6 products.

For the installation instructions, refer to the Tectia Server Administrator Manual.


2. Important Changes

(TECT-193) Tectia Quantum-Safe Edition license file enables Post Quantum Cryptography (PQC) algorithms SABER, CHRYSTALS/Kyber, FrodoKEM, and Streamlined NTRU Prime that are used in a Hybrid Key Exchange together with a classical ECDH algorithm. Both the PQC and ECDH algorithms contribute to the key material resulting in a session key that is at least as hard to break as the strongest composite. The hybrid approach mitigates the risk of future attacks on recorded secure shell sessions if weaknesses are discovered in either algorithm.

Note that the client-side, Tectia Client version 6.6 and above or OpenSSH version 9.0 or above, needs to also support and prefer at least one of the PQC hybrid KEX algorithms or connections will use classical KEX algorithms by default.

Note when upgrading from 6.5.1 with changed configurations or from 6.4.x, the Post Quantum Cryptography (PQC) algorithms require a Tectia Quantum-Safe Edition license and are not enabled unless explicitly configured. For configuration instructions on how to enforce PQC hybrid KEX, please see the Tectia Server example ssh-server-config-example.xml in the configuration directory.

 

3. New Features

The following new features have been implemented in Tectia Server:

(TECT-193) Added support for Post Quantum Cryptography (PQC) hybrid key exchange algorithms.

Following PQC hybrid KEX algorithms are supported and enabled by default when Tectia Quantum-Safe Edition license is installed:

  • ecdh-nistp521-firesaber-sha512@ssh.com
  • ecdh-nistp521-kyber1024-sha512@ssh.com
  • curve25519-frodokem1344-sha512@ssh.com
  • sntrup761x25519-sha512@openssh.com

(TECT-571) Added support for IBM AIX 7.3

(TECT-574) Tectia Server control utility can now be used to troubleshoot running Tectia Server. The 'ssh-server-ctl debug --help' command lists options that can be used to enable debug mode for the ssh-server-g3, servants and/or user SFTP server processes.

Note that 'ssh-server-ctl debug clear' should always be used after reproducing the problem. On Unix, it is needed even after stopping the service to clear the debug settings from any retired server processes. SELinux enabled Linux: 'ssh-server-ctl debug <options>' is recommended method instead of starting the ssh-server-g3 process directly that results in wrong SELinux context, misleading failures and potential issues later when Tectia Server is started normally by the system.

 

4. Bug fixes

The following fixes have been implemented in Tectia Server:

(TECT-564) Fixed an issue with OCSP certificate validation that may have resulted in Certificate_validation_failure with error time-interval-was-invalid even if valid CRL was available when checked against OCSP responder failed.

(TECT-526) The certificate validator cache-size configuration parameter was increased to 300MB.

 

5. Known Issues

The following issues are currently known to exist in Tectia SSH Server:

(FB #41772) Linux, RHEL6: ssh-servant-g3 processes can show large virtual memory allocation, in excess of one GB per process. This is due to thread arena allocation in libc 2.10 and later, included in RHEL 6.0, not because of memory leaks.

(FB #39681) Solaris: With exec-directly="no", csh on Solaris closes auditing file descriptors for sft-server-g3, effectively disabling logging with sftp. The recommended solution here is to use exec-directly="yes".

(FB #41617) Windows: Upgrade only recognizes versions 6.1 onwards.

(FB #36835) All platforms: Remote translation tables only work when the site command X=BIN is used. Local translation tables work as intended.

(FB #22991) AIX: Upgrading from version 6.2.x or 6.3.x will not restart the server automatically after installing the upgrade packages. Upgrading from versions 6.1.x (or earlier), and versions 6.4.2 (or later) will work normally, and restart the server after the upgrade.

(FB #19541) Unix/Linux: When logged to the SSH Tectia Server, an executable will fail to start if any parent of the current working directory is not readable and relative paths are used to refer to the executable.

(FB #13818) All Platforms: The usage of IPv6 addresses in certificates is not yet supported. 

(FB #14973) Linux: SSH Tectia Server must be stopped before upgrading from 6.2.0 as the newer ssh-server-ctl will not be able to stop the 6.2.0 server. Upgrades from any other version than 6.2.0 do not experience this issue.

(FB #9145) Windows: When installing Tectia Server on a platform that has more than 30 CPUs running Windows 2003 SP2, make sure that you have the proper Microsoft patches installed to not hit a Microsoft bug that will make your host unusable.

For more information, see: http://support.microsoft.com/kb/2539164

(FB #10425) Unix: if OpenSSL 0.9.8 is installed on the host where Tectia Server is installed, it may fail when using PAM with software that uses that OpenSSL library. Workaround if FIPS is not used: Rename the libcrypto.so.0.9.8 existent under /opt/tectia/sshlib to another name (note that this will make FIPS mode unusable).

(FB #9367) Windows: If the installation fails with the error message "An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BAB35C93D}. HRESULT: 0x80070BC9" use Windows Update to install required operating system updates.

(FB #9106) AIX: Executables are now compiled in 64-bit. For PAM to work, the operating system should point to the 64-bit versions of PAM libraries instead of the 32-bit versions.

(FB #9530) All platforms: Extra checks are done when starting the Tectia Server and Connection Broker in the FIPS mode due to the OpenSSL FIPS cryptographic library health check. This will lead to a noticeable delay in the start of the process on slow machines.

(FB #8826) Windows: Users authenticated with a public key cannot access Network DFS shares that are in a different box than where the Tectia server is running. Workaround: Use password cache.

(FB #4699) AIX: Due to IBM's bug IZ02631, a servant may deadlock under heavy stress. IBM has a fix for AIX 5.3 and AIX 6.1.

(FB #4705) Linux SE: If the common package is installed with SElinux disabled, the following warning message will be given during the installation:

  • /usr/bin/chcon: can't apply partial context to unlabeled file
  • /opt/tectia/lib/shlib/libicudata.so.40
  • /usr/bin/chcon: can't apply partial context to unlabeled file
  • /opt/tectia/lib/shlib/libicuuc.so.40

This can be safely ignored. However, if the SElinux enforcing is enabled after the installation, the following command needs to be executed: /usr/bin/chcon -t textrel_shlib_t /opt/tectia/lib/shlib/*.so 

(RQ #19164) Linux RedHat 3: The pam_krb5 module supplied with Red Hat Linux 3 will not work with Tectia Server when configured with pam-calls-with-commands=yes as pam_krb5 requires pam_authenticate() to be called before pam_setcred().

(RQ #19080) AIX: Authentication may fail for LDAP accounts when verifying login permissions. This is caused by an error in AIX system libraries when trying to retrieve password expiration information for an LDAP user and is addressed by IBM APAR IZ46727 (registration required): http://www-01.ibm.com/support/docview.wss?uid=isg1IZ46727

(RQ #18437) Windows: Tectia Server doesn't support other than ISO Latin 1 character sets in folder names for storing troubleshooting logs.

(RQ #18307) All platforms: The file transfer with WinSCP 3.6 might fail when the file transfer is resumed.

(RQ #18211) All platforms: If the server configuration has one or more selectors in the <connections> block listing specific ciphers, and the client does not match the selector, it is still allowed the default ciphers. This is because there is no implicit deny-rule in the <connections> block (the behavior is different from the <authentication-methods> block).

(RQ #18084) Unix: All installed Tectia products must be upgraded to 6.0.2 at the same time. If some packages are left to 6.0.1 or older versions, they will stop working when the 6.0.2 common package is installed.

(RQ #17626) Windows: On Windows, Tectia Server does not support GW mode for connecting to other Secure Shell servers.

(RQ #17604) All platforms: Files larger then 4GB cannot be transferred to or from Tectia Server when using the old OpenSSH 'scp' command. Workaround: The files can be transferred using scpg3 or sftpg3. 

(RQ #17271) Solaris x86-64: RSA SecurID cannot be used with Tectia Server on Solaris x86-64, because RSA SecurID offers only a 32-bit PAM library. Tectia Server expects a 64-bit pam_securid.so.

(RQ #17170) Solaris 10: Tectia Server and the FTP/SFTP conversion component of Tectia Client with EFT Expansion Pack need to be uninstalled separately from each local zone if they have been installed in all zones by installing into the global zone.

(RQ #17055) Solaris: Installation packages do not detect the underlying Solaris architecture to prevent the installation of the x86-64 packages on x86 architecture. The packages can be installed but they will not work. 

(RQ #16986) Windows: SFTP 'chmod' command is not supported against Tectia Server running on Windows.

(RQ #16410) Solaris 10: Tectia Server and the FTP-SFTP conversion component of Tectia ConnectSecure need to be uninstalled separately from each local zone if they got installed in all zones by installing into the global zone.

(RQ #16342) All platforms: OpenSSH keys are not accepted as host keys when running the server in FIPS mode.

(RQ #16285) AIX: When trying to log in to an AIX server using an account which has an expired password, the client returns the following error message: "Request exec channel error: Disconnected by application." The reason for the disconnection is, however, logged correctly in the server's log. 

(RQ #16080) Windows: The Server reports a "Wrong password" message to the event log even though the correct password is given, but the account has expired.

(RQ #15976) Windows: Users without administrator rights cannot use file transfer with the default Windows 2003 ACL settings.

(RQ #15973) All platforms: The certificate validation path construction from LDAP fails, if the LDAP server requires suffix ';binary' for the PKI binary blob attribute names.

(RQ #15874) Linux: If a user account has expired, the Server incorrectly asks the user to change the password and then denies login.

(RQ #15819) Solaris: Quality checks for password changes (e.g. password length, characters, etc.) enforced by PAM will only be enforced when using PAM authentication. When changing passwords via forced commands (i.e. when using authentication methods other than keyboard-interactive PAM), the Tectia Server will not enforce PAM-related password quality checks.

(RQ #15807) Windows: If a non-admin user tries to start the server, the server reports error message "Failed to access service manager".

(RQ #15711) Windows: All well-known security identifiers ('Everyone' and 'Authenticated Users', for instance) are not shown in the Tectia Server Configuration GUI's directory object picker when browsing groups for a selector.

(RQ #15627) Unix: Currently it is not possible to allow X11 forwarding when terminal connections are denied.

(RQ #15393) Windows: Installing PGP Desktop 9.5.2 and Tectia Server on the same Windows machine will cause the one installed earlier not to work.

(RQ #15228) All platforms: File transfers of files larger than 4kb using Net:SFTP and Net::SSH::Perl fail against Tectia Server. Workaround is documented at http://www.cpanforum.com/threads/2092. The workaround involves lowering the value of COPY_SIZE in the SFTP.pm perl module from 8192 to 4063 or lower.

(RQ #15016) HP-UX: Shadow passwords are not supported on HP-UX when using the password authentication method. Shadow passwords can be used on HP-UX only with keyboard-interactive PAM authentication, with the appropriate PAM configuration.

(RQ #14973) Windows: The Server reports "Wrong password" message to the event log even though the correct password is given, if the account is locked.

(RQ #14762) Windows: Currently it is not possible to see and select Active Directory universal groups in the User Group Selector dialog of the configuration tool GUI. However, universal groups can be used as selectors if they are entered manually into the user group selector name field. 

(RQ #14672) All platforms: It is possible to generate all lengths of RSA/DSA keys in FIPS mode, although the Tectia Client/Server software will only accept keys compliant with FIPS.

(RQ #14259) AIX: The Server hangs after a few authentication tries when the following value is set in the /etc/security/user file: SYSTEM='KRB5Files or compat' The Server does not hang when the value is set to: SYSTEM='compat'

(RQ #14039) Windows: Using rsync with Cygwin OpenSSH against Tectia Server fails when using public-key authentication.

(RQ #12576) HP-UX 11.11: Attempting GSSAPI authentication can cause the auths-gssapi-userproc-krb process to consume CPU and not exit after the client disconnects. The GSSAPI authentication will be enabled if no configuration file is found or if specifically enabled in the server configuration. The HP-UX patch PHSS_35381 fixes this issue. GSSAPI needs to be disabled in the server configuration, if installing the patch is not an option.

(RQ #12517) Unix: Canceling user authentication when Tectia Server has been configured with keyboard-interactive authentication method, causes authentication to fail with "Server responded 'Unexpected response packet'".

(RQ #11836) All platforms: After changing the password on a Secure Shell server, but before logging in with the new password, either the Connection Broker must be restarted to close the previous connection, or the user must wait for the connection to time out (by default 5 seconds). If this is not done, logging in with the new password will not succeed.

 

6. Further Information

More information can be found on the Tectia man pages and manuals. Tectia manuals are also available from https://www.ssh.com/manuals/

Additional licenses can be purchased by contacting sales at https://www.ssh.com/

Tectia Server 6.5.1: Release Notes

Table of Contents

1. Important Changes
2. New Features
3. Bug fixes

 

1. Important Changes

(TECT-458) Disabled SHA1 algorithms from server defaults in lieu of previous deprecation warning. These algorithms can still be manually enabled for legacy reasons. It is important to understand that SHA-1 algorithms are deprecated due to security issues and should not be enabled without a critical legacy dependency for them. Enabling SHA-1 algorithms is not recommended by us.

  • ssh-rsa (RSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms' default values. We recommended using SHA2 variants (e.g. rsa-sha2-256, ssh-rsa-sha256@ssh.com) for existing RSA keys.
  • ssh-dss (DSA/SHA1) is no longer included in public-key signature algorithms nor host key algorithms. We recommend using SHA2 variants (e.g. ssh-dss-sha256@ssh.com) for existing DSA keys and creating additional RSA, ED25519, or ECDSA key(s) for better interoperability with third-party clients/servers.
  • diffie-hellman-group-exchange-sha1 (DH-GEX-SHA1) and diffie-hellman-group14-sha1 are no longer included in key exchange default values. We recommend using SHA2 variants (e.g. diffie-hellman-group-exchange-sha256 and diffie-hellman-group14-sha256).

SHA2 variants @ssh.com algorithms have been supported in Tectia Client/Server since version 6.2.0 released in 2011. Standardized SHA2 variants since version 6.4.18.

HMAC SHA1 algorithms still remain in server defaults. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions.

CBC mode ciphers are no longer included in server defaults. Although there are no known vulnerabilities for current versions, there are better counter modes available such as GCM. CBC mode ciphers can still be manually enabled in the server configuration. This change was made to alleviate false positives from security scanners. Our recommendation is to use CTR mode and GCM mode over CBC mode whenever possible and use CBC mode only when it is not possible to use the other two counter modes with ciphers.

 

2. New Features

The following new features have been implemented in Tectia Server:

(TECT-325) Zero Trust certificate-based user authentication with short-lived X.509v3 or OpenSSH certificates. Delegate access control to PrivX for Just-In-Time (JIT) access management. PrivX version 22 and above are supported.

(TECT-462) Windows Server 2022 and SUSE Linux Enterprise Server 15 (x86-64) were added as supported installation platforms.

(TECT-484) Linux: Installation creates and modifies /etc/pam.d/ssh-server-g3 Pluggable Authentication Modules (PAM) configuration and preserves original file to /etc/pam.d/ssh-server-g3.orig. PAM is now required for successful password authentication on RHEL.

(TECT-313) Added support for x509-certificate-chain for user and host certificates and standardized X.509v3 signature algorithms defined in RFC6187.

Following signature-algorithms and host key-algorithms are supported:

  • x509v3-rsa2048-sha256
  • x509v3-ecdsa-sha2-nistp256
  • x509v3-ecdsa-sha2-nistp384
  • x509v3-ecdsa-sha2-nistp521
  • x509v3-ssh-dss (DSA/SHA1 not enabled by default on server-side)
  • x509v3-ssh-rsa (RSA/SHA1 not enabled by default on server-side)

(TECT-147) Added support for OpenSSH user and host certificates.

Following signature-algorithms and host key-algorithms are supported:

  • ecdsa-sha2-nistp256-cert-v01@openssh.com
  • ecdsa-sha2-nistp384-cert-v01@openssh.com
  • ecdsa-sha2-nistp521-cert-v01@openssh.com
  • ssh-ed25519-cert-v01@openssh.com
  • rsa-sha2-256-cert-v01@openssh.com
  • rsa-sha2-512-cert-v01@openssh.com
  • ssh-rsa-cert-v01@openssh.com (RSA/SHA1 not enabled by default)
  • ssh-dss-cert-v01@openssh.com (DSA/SHA1 not enabled by default)

(TECT-492) Added curve25519-sha256@libssh.org to client and server key exchange defaults for better interoperability with 3rd party implementations that do not support standardized curve25519-sha256.

(TECT-335) Tectia Server Configuration GUI supports extended-key-usage certificate selectors, for example, secure Shell Client (oid 1.3.6.1.5.5.7.3.21).

(TECT-61) Critical Microsoft custom policy OID 1.3.6.1.4.1.311.21.10 is now accepted if it contains only extended key usage oids that are present in the actual extended key usage extension in the X.509v3 certificate being validated.

(TECT-359) Tectia Server Configuration GUI can be used to configure OCSP trusted mode (RFC5019, RFC6960) responder issuing CA certificate.

(TECT-367) Added new configuration option xauth-shell attribute that can be used to specify the shell used to run xauth binary instead of the user shell in X11 forwarding.

(TECT-426) Tectia Server Logging improvements Certificate_validation_success and Certificate_validation_failure log also Subject name, Email and UPN Subject Alternative Names for X.509v3 certificates and Key ID and principals for OpenSSH certificates.

 

3. Bug Fixes

(TECT-108) Linux: Tectia Server ssh-server-ctl now uses systemd on RHEL 7, 8, SUSE 12 and SUSE 15 for stopping and starting the service.

Recommended commands 'systemctl [start|stop|restart|status] ssh-server-g3'

For configuration update 'ssh-server-ctl reload' that validates the ssh-server-config.xml configuration is recommended.

(TECT-347) Windows Server: Using relative paths to access virtual folders no longer fails if the home directory is configured as a virtual root.

(TECT-199) Linux: Tectia Server is now confined to sshd SELinux context on RHEL.

(TECT-174) Tectia Server Configuration GUI now allows only service rule command configurations that the server supports. If a forced command is set, no other commands can be added to the group. If a group contains multiple allowed commands, forced commands can not be added or edited to the group.

(TECT-423) Tectia Server now checks file permissions of CA certificates configured as trust anchors for user certificate authentication.

(TECT-433) Tectia Server Configuration GUI no longer overwrites public key signature-algorithms in ssh-server-config.xml with default values.

(TECT-127) OpenSSL generated passphrase protected PKCS#8 key no longer fails to be decoded.

(TECT-310) Tectia Server Configuration GUI now supports name-regexp attribute for example in authentication selector instead of overwriting manually configured selectors like <user name-regexp="[[:alpha:]]{5}[[:digit:]]{3}" />.

(TECT-401) Customized tunnel (port forwarding) restrictions are now enforced correctly.

  • In tunnel-remote 'listen' will match only when the listener is being opened. The 'src' is not matched when the listener is opened but only when the tunnel is opened.
  • New tunnel-remote 'disable-privilege-check' attribute defaults to 'no'. If not set, tunnel listener open will always perform privilege check, forbidding listener open for ports under 1024 unless user is privileged admin/root user.
  • New Tunnel endpoint 'tunnel-src' and 'tunnel-dst' added for tunnel-local and tunnel-remote, conversely. These match the ssh client end IP address as seen by the server based on the tcp connection. The 'src' in tunnel-local, that matches the connection source as reported by the client, has not been changed.

(TECT-333) Tectia Server Configuration GUI no longer crashes if the host certificate has critical extension BasicConstraints CA = FALSE.

(TECT-353) Tectia Server user login with certificate no longer fails if user-group attribute is defined in the same selector with certificate selectors.

(TECT-361) Tectia Server Logging Channel_outbound_statistics and Channel_inbound_statistics no longer log username as uninitialized.

(TECT-382) Windows: ssh-shell in Tectia Server no longer ignores input bytes with the highest bit set. Multibyte characters are now shown correctly when logged in with sshg3.