security/openssh - The NetBSD Packages Collection

Open Source Secure shell client and server (remote login program)

OpenSSH is based on the last free version of Tatu Ylonen's SSH with
all patent-encumbered algorithms removed (to external libraries), all
known security bugs fixed, new features reintroduced and many other
clean-ups. More information about SSH itself can be found in the file
README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song.

This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support, SOCKS support (using
the Dante [6] libraries and replacements for OpenBSD library functions
that are (regrettably) absent from other unices. This port has been
best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX,
SCO, NeXT and other Unices is underway. This version actively tracks
changes in the OpenBSD CVS repository.

Build dependencies

pkgtools/mktools devel/autoconf lang/perl5 pkgtools/cwrappers

Runtime dependencies

security/libfido2 security/libfido2

Binary packages

OSArchitectureVersion
NetBSD 10.0aarch64openssh-9.9p1.tgz
NetBSD 10.0aarch64openssh-9.8p1.tgz
NetBSD 10.0aarch64ebopenssh-9.8p1.tgz
NetBSD 10.0aarch64ebopenssh-9.9p1.tgz
NetBSD 10.0alphaopenssh-9.6p1.tgz
NetBSD 10.0alphaopenssh-9.8p1.tgz
NetBSD 10.0earmv6hfopenssh-9.9p1.tgz
NetBSD 10.0earmv6hfopenssh-9.6p1.tgz
NetBSD 10.0earmv6hfopenssh-9.8p1.tgz
NetBSD 10.0earmv7hfopenssh-9.9p1.tgz
NetBSD 10.0earmv7hfopenssh-9.6p1.tgz
NetBSD 10.0earmv7hfopenssh-9.8p1.tgz
NetBSD 10.0i386openssh-9.9p1.tgz
NetBSD 10.0i386openssh-9.8p1.tgz
NetBSD 10.0powerpcopenssh-9.3p2.tgz
NetBSD 10.0powerpcopenssh-9.6p1.tgz
NetBSD 10.0powerpcopenssh-9.6p1.tgz
NetBSD 10.0sparc64openssh-9.8p1.tgz
NetBSD 10.0sparc64openssh-9.9p1.tgz
NetBSD 10.0x86_64openssh-9.9p1.tgz
NetBSD 10.0x86_64openssh-9.8p1.tgz
NetBSD 9.0aarch64openssh-9.9p1.tgz
NetBSD 9.0aarch64openssh-9.8p1.tgz
NetBSD 9.0earmv6hfopenssh-9.9p1.tgz
NetBSD 9.0earmv6hfopenssh-9.6p1.tgz
NetBSD 9.0earmv6hfopenssh-9.8p1.tgz
NetBSD 9.0earmv7hfopenssh-9.9p1.tgz
NetBSD 9.0earmv7hfopenssh-9.6p1.tgz
NetBSD 9.0earmv7hfopenssh-9.8p1.tgz
NetBSD 9.0i386openssh-9.9p1.tgz
NetBSD 9.0i386openssh-9.8p1.tgz
NetBSD 9.0sparc64openssh-9.6p1.tgz
NetBSD 9.0x86_64openssh-9.9p1.tgz
NetBSD 9.0x86_64openssh-9.8p1.tgz
NetBSD 9.3x86_64openssh-9.9p1.tgz

Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.

Available build options

editline
Enable use of the NetBSD Editline library.
fido
Enable U2F/FIDO/FIDO2/WebAuthn support.
kerberos
Enable Kerberos support.
openssh-legacymodsz
Support keys with sizes < 1024 bits. (insecure! for compatibility with very old devices)
openssl
Enable OpenSSL support.
pam
Enable PAM support.

Known vulnerabilities

The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.

Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.


Problem reports, updates or suggestions for this package should be reported with send-pr.