Skip to content

3_19_2016

Compare
Choose a tag to compare
@manojampalam manojampalam released this 20 Mar 06:35
· 331 commits to L1-Prod since this release

_This is a pre-release (non-production ready)_

_Note: Thanks to folks testing this release - we have identified an issue on 2012 R2 (and possibly Win8) with read() routine of underlying transport. This manifests as a failure while starting sshd. Try using 1.1 versions if you see this issue_

What's in this release:

  • Completely rewritten underlying transport that adapts POSIX calls to Win32 overlapped APIs.
  • Transport is now truly single threaded with no synchronization overhead. Stream throughput over loopback has improved ~15%.
  • Transport has been stress tested with 10 tunnelled TCP (port forwarded) full duplex full throughput streams multiplexed over a single connection/session (ssh and sshd running with AppVerifier enabled). It held well, compared to the previous transport that froze after 5 streams. Hopefully, connection reliability issues reported so far will be resolved with this update.
  • PW auth will now result in network logon so admins will end up with sessions capable of performing admin tasks.
  • SCP is taken offline as it needs significant changes to get it on board the new transpor and I'm still working on it.
  • ssh-add and ssh-agent are taken offline as we are working on the right security model and user experience for Windows.
  • there are not changes to ssh-lsa.dll (for key based auth). So you may continue to use the previous version if its already installed.

I haven't yet fixed ssh-lsa installation script issue on Windows 7. Please continue to use the work around for now
reg add HKLM\System\CurrentControlSet\Control\Lsa /v "Authentication Packages" /t REG_MULTI_SZ /d msv1_0\0ssh-lsa.dll -f

There will be some regressions in terminal experience as I refactored related code that was coupled with protocol code. That said, its understood that current terminal experience is very primitive. Focus over the next couple of months will be on enriching this experience along with security enhancements.