I've just updated the Cygwin version of OpenSSH to 6.6.1p1-1. This is an upstream bugfix release.
A bug in the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha...@libssh.org properly about 0.2% of the time (one in every 512ish connections). ======== HEADSUP: ======== The upstream developers are planning to remove tcp-wrappers support from the next OpenSSH release 6.7p1. If you have a legitimate utilisation of tcp-wrappers support for OpenSSH, you might want to chime in to the discussion thread on the openssh-unix-dev mailing list(1). The thread starts here: http://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html Corinna (1) https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple