Skip to content

Add gsi openssh 10.0 from Fedora 43 current stable #242

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fscheiner merged 3 commits into from
Dec 12, 2025
Merged

Add gsi openssh 10.0 from Fedora 43 current stable #242

fscheiner merged 3 commits into from
Dec 12, 2025

Conversation

@fscheiner
Copy link
Member

@fscheiner fscheiner commented Dec 10, 2025

@fscheiner
Copy link
Member Author

fscheiner commented Dec 10, 2025

@msalle, @ellert, @maarten-litmaath:
So fortunately I found the time and also got it working yesterday. \o/

Reviewers, may I point you to the changes I made to:

This is the only really new change needed compared to 9.9p1 IIC. Fedora seems to have added additional code there that overrules the original OpenSSH Portable code, but also seems to require OpenSSL 3.0. In the long run we might run into problems trying to keep it buildable with OpenSSL < 3.0. So maybe we drop that in the next update, also because Rocky Linux 8 is covered by EPEL.

@ellert : There seems to be a small inconsistency, because from the source RPM I had the impression that this is based on OpenSSH 10.0p1 as per the filename, so modified gsi_openssh/version.m4 accordingly. But when tested, it identifies as 10.0p2, see below. But I can also adapt that accordingly everywhere, though this will then sort of contradict the source RPM's filename.

@fscheiner
Copy link
Member Author

fscheiner commented Dec 10, 2025

This is so far again only tested on Rocky Linux 8, testing on other distros is welcome, also if just tested to build and install there.

Rocky Linux 8

[johndoe@gridftp-5 gsi-openssh-10.0p1-testing]$ sudo ~/bin/test-gss-kex-for-gsi-openssh.bash gridftp-5.machine-hall.org johndoe2
[sudo] password for johndoe: 
gsisshd: OpenSSH_10.0p2c-GSI_hpn18.7.0 GSI, OpenSSL 1.1.1k  FIPS 25 Mar 2021
gsissh: OpenSSH_10.0p2c-GSI_hpn18.7.0 GSI, OpenSSL 1.1.1k  FIPS 25 Mar 2021

Wait 3 seconds for startup of gsisshd ...

gss-gex-sha1- OK ( plus johndoe => johndoe2 )
gss-group1-sha1- OK ( plus johndoe => johndoe2 )
gss-group14-sha256- OK ( plus johndoe => johndoe2 )
gss-nistp256-sha256- OK ( plus johndoe => johndoe2 )
gss-curve25519-sha256- OK ( plus johndoe => johndoe2 )
gss-group16-sha512- OK ( plus johndoe => johndoe2 )

@fscheiner fscheiner requested review from ellert and msalle December 10, 2025 09:46
@fscheiner fscheiner merged commit 3521a3c into gridcf:master Dec 12, 2025
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ellert ellert ellert approved these changes

@msalle msalle Awaiting requested review from msalle

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fscheiner @ellert