1 0.52 - Wed 12 November 2008
3 - Add "netcat-alike" option (-B) to dbclient, allowing Dropbear to tunnel
4 standard input/output to a TCP port-forwarded remote host.
6 - Add "proxy command" support to dbclient, to allow using a spawned process for
7 IO rather than a direct TCP connection. eg
10 dbclient -J 'nc remotehost 22' remotehost
11 (the hostname is still provided purely for looking up saved host keys)
13 - Combine netcat-alike and proxy support to allow "multihop" connections, with
14 comma-separated host syntax. Allows running
16 dbclient user1@host1,user2@host2,user3@host3
18 to end up at host3 via the other two, using SSH TCP forwarding. It's a bit
19 like onion-routing. All connections are established from the local machine.
20 The comma-separated syntax can also be used for scp/rsync, eg
22 rsync -a -e dbclient m@gateway,m2@host,martello:/home/matt/ ~/backup/
24 to bounce through a few hosts.
26 - Add -I "idle timeout" option (contributed by Farrell Aultman)
28 - Allow restrictions on authorized_keys logins such as restricting commands
29 to be run etc. This is a subset of those allowed by OpenSSH, doesn't
30 yet allow restricting source host.
32 - Use vfork() for scp on uClinux
34 - Default to PATH=/usr/bin:/bin for shells.
36 - Report errors if -R forwarding fails
38 - Add counter mode cipher support, which avoids some security problems with the
41 - Support zlib@openssh.com delayed compression for client/server. It can be
42 required for the Dropbear server with the '-Z' option. This is useful for
43 security as it avoids exposing the server to attacks on zlib by
44 unauthenticated remote users, though requires client side support.
46 - options.h has been split into options.h (user-changable) and sysoptions.h
47 (less commonly changed)
49 - Support "dbclient -s sftp" to specify a subsystem
51 - Fix a bug in replies to channel requests that could be triggered by recent
54 0.51 - Thu 27 March 2008
56 - Make a copy of password fields rather erroneously relying on getwpnam()
57 to be safe to call multiple times
59 - If $SSH_ASKPASS_ALWAYS environment variable is set (and $SSH_ASKPASS is
60 as well) always use that program, ignoring isatty() and $DISPLAY
62 - Wait until a process exits before the server closes a connection, so
63 that an exit code can be sent. This fixes problems with exit codes not
64 being returned, which could cause scp to fail.
66 0.50 - Wed 8 August 2007
68 - Add DROPBEAR_PASSWORD environment variable to specify a dbclient password
70 - Use /dev/urandom by default, since that's what everyone does anyway
72 - Correct vfork() use for uClinux in scp
73 (thanks to Alex Landau)
75 - Exit with an exit code of 1 if dropbear can't bind to any ports
76 (thanks to Nicolai Ehemann)
78 - Improve network performance and add a -W <receive_window> argument for
79 adjusting the tradeoff between network performance and memory consumption.
81 - Fix a problem where reply packets could be sent during key exchange,
82 in violation of the SSH spec. This could manifest itself with connections
83 being terminated after 8 hours with new TCP-forward connections being
86 - Add -K <keepalive_time> argument, ensuring that data is transmitted
87 over the connection at least every N seconds.
89 - dropbearkey will no longer generate DSS keys of sizes other than 1024
90 bits, as required by the DSS specification. (Other sizes are still
91 accepted for use to provide backwards compatibility).
93 0.49 - Fri 23 February 2007
95 - Security: dbclient previously would prompt to confirm a
96 mismatching hostkey but wouldn't warn loudly. It will now
99 - Compile fixes, make sure that all variable definitions are at the start
102 - Added -P pidfile argument to the server (from Swen Schillig)
104 - Add -N dbclient option for "no command"
106 - Add -f dbclient option for "background after auth"
108 - Add ability to limit binding to particular addresses, use
109 -p [address:]port, patch from Max-Gerd Retzlaff.
111 - Try to finally fix ss_family compilation problems (for old
114 - Fix finding relative-path server hostkeys when running daemonized
116 - Use $HOME in preference to that from /etc/passwd, so that
117 dbclient can still work on broken systems.
119 - Fix various issues found by Klocwork defect analysis, mostly memory leaks
120 and error-handling. Thanks to Klocwork for their service.
122 - Improve building in a separate directory
124 - Add compile-time LOG_COMMANDS option to log user commands
126 - Add '-y' flag to dbclient to unconditionally accept host keys,
127 patch from Luciano Miguel Ferreira Rocha
129 - Return immediately for "sleep 10 & echo foo", rather than waiting
130 for the sleep to return (pointed out by Rob Landley).
132 - Avoid hanging after exit in certain cases (such as scp)
134 - Various minor fixes, in particular various leaks reported by
137 - Disable core dumps on startup
139 - Don't erase over every single buffer, since it was a bottleneck.
140 On systems where it really matters, encrypted swap should be utilised.
142 - Read /dev/[u]random only once at startup to conserve kernel entropy
144 - Upgrade to LibTomCrypt 1.16 and LibTomMath 0.40
146 - Upgrade config.status and config.guess
148 0.48.1 - Sat 11 March 2006
150 - Compile fix for scp
152 0.48 - Thurs 9 March 2006
154 - Check that the circular buffer is properly empty before
155 closing a channel, which could cause truncated transfers
156 (thanks to Tomas Vanek for helping track it down)
158 - Implement per-IP pre-authentication connection limits
159 (after some poking from Pablo Fernandez)
161 - Exit gracefully if trying to connect to as SSH v1 server
162 (reported by Rushi Lala)
164 - Only read /dev/random once at startup when in non-inetd mode
166 - Allow ctrl-c to close a dbclient password prompt (may
167 still have to press enter on some platforms)
169 - Merged in uClinux patch for inetd mode
171 - Updated to scp from OpenSSH 4.3p2 - fixes a security issue
172 where use of system() could cause users to execute arbitrary
173 code through malformed filenames, ref CVE-2006-0225
175 0.47 - Thurs Dec 8 2005
177 - SECURITY: fix for buffer allocation error in server code, could potentially
178 allow authenticated users to gain elevated privileges. All multi-user systems
179 running the server should upgrade (or apply the patch available on the
182 - Fix channel handling code so that redirecting to /dev/null doesn't use
185 - Turn on zlib compression for dbclient.
187 - Set "low delay" TOS bit, can significantly improve interactivity
190 - Added client keyboard-interactive mode support, allows operation with
191 newer OpenSSH servers in default config.
193 - Log when pubkey auth fails because of bad ~/.ssh/authorized_keys permissions
195 - Improve logging of assertions
197 - Added aes-256 cipher and sha1-96 hmac.
199 - Fix twofish so that it actually works.
201 - Improve PAM prompt comparison.
203 - Added -g (dbclient) and -a (dropbear server) options to allow
204 connections to listening forwarded ports from remote machines.
206 - Various other minor fixes
208 - Compile fixes for glibc 2.1 (ss_family vs __ss_family) and NetBSD
209 (netinet/in_systm.h needs to be included).
211 0.46 - Sat July 9 2005
213 - Fix long-standing bug which caused connections to be closed if an ssh-agent
214 socket was no longer available
216 - Print a warning if we seem to be blocking on /dev/random
217 (suggested by Paul Fox)
219 - Fixed a memory leak in DSS code (thanks to Boris Berezovsky for the patch)
221 - dbclient -L no longer segfaults, allocate correct buffer size (thanks
222 to David Cook for reporting it, and Christopher Faylor for independently
225 - Added RSA blinding to signing code (suggested by Dan Kaminsky)
227 - Rearranged bignum reading/random generation code
229 - Reset the non-blocking status on stderr and stdout as well as stdin,
230 fixes a problem where the shell running dbclient will exit (thanks to
231 Brent Roman for reporting it)
233 - Fix so that all file descriptors are closed so the child shell doesn't
234 inherit descriptors (thanks to Linden May for the patch)
236 - Change signkey.c to avoid gcc 4 generating incorrect code
238 - After both sides of a file descriptor have been shutdown(), close()
239 it to avoid leaking descriptors (thanks to Ari Hyttinen for a patch)
241 - Update to LibTomCrypt 1.05 and LibTomMath 0.35
243 0.45 - Mon March 7 2005
245 - Makefile no longer appends 'static' to statically linked binaries
247 - Add optional SSH_ASKPASS support to the client
249 - Respect HOST_LOOKUP option
251 - Fix accidentally removed "return;" statement which was removed in 0.44
252 (causing clients which sent an empty terminal-modes string to fail to
253 connect - including pssh, ssh.com, danger hiptop). (patches
254 independently from Paul Fox, David Horwitt and Sven-Ola Tuecke)
256 - Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
259 0.44 - Mon Jan 3 2005
261 - SECURITY: Fix for PAM auth so that usernames are logged and conversation
262 function responses are allocated correctly - all 0.44test4 users with PAM
263 compiled in (not default) are advised to upgrade.
265 - Fix calls to getnameinfo() for compatibility with Solaris
267 - Pristine compilation works (run 'configure' from a fresh dir and make it
270 - Fixes for compiling with most options disabled.
272 - Upgraded to LibTomCrypt 0.99 and LibTomMath 0.32
274 - Make sure that zeroing out of values in LTM and LTC won't get optimised away
276 - Removed unused functions from loginrec.c
278 - /dev/random is now the default entropy source rather than /dev/urandom
280 - Logging of IPs in auth success/failure messages for improved greppability
282 - Fix dbclient so that "scp -i keyfile" works. (It can handle "-ikeyfile
285 - Avoid a race in server shell-handling code which prevents the exit-code
286 from being returned to the client in some circumstances.
288 - Makefile modified so that install target works correctly (doesn't try
289 to install "all" binary) - patch from Juergen Daubert
291 - Various minor fixes and compile warnings.
293 0.44test4 - Tue Sept 14 2004 21:15:54 +0800
295 - Fix inetd mode so it actually loads the hostkeys (oops)
297 - Changed DROPBEAR_DEFPORT properly everywhere
299 - Fix a small memory leak in the auth code
301 - WCOREDUMP is only used on systems which support it (ie not cygwin or AIX)
303 - Check (and fail for) cases when we can't negotiate algorithms with the
304 remote side successfully (rather than bombing out ungracefully)
306 - Handle authorized_keys files without a terminating newline
308 - Fiddle the channel receive window size for possibly better performance
310 - Added in the PAM authentication code (finally! thanks to Martin Carlsson)
312 0.44test3 - Fri Aug 27 22:20:54 +0800
314 - Fixed a bunch of warnings.
316 - scp works correctly when passed a username (fix for the dbclient program
317 itself as well, "-lmatt" works as well as "-l matt").
319 - Remove unrequired debian files
321 - Exit with the remote process's return code for dbclient
323 - Display stderr messages from the server in the client
325 - Add circular buffering to the channel code. This should dramatically reduce
326 the amount of backtraffic sent in response to traffic incoming to the
327 Dropbear end - improves high-latency performance (ie dialup).
329 - Various other related channel-handling fixups.
331 - Allow leading lines in the banner when connecting to servers
333 - Fixed printing out errors onto the network socket with stderr (for inetd
334 mode when using xinetd)
336 - Remove obselete documentation
338 - Fix a null-pointer exception when trying to free non-existant listeners
341 - DEBUG_TRACE now only works if you add "-v" to the program commandline
343 - Don't leave stdin non-blocking on exit - this caused the parent shell
344 of dbclient to close when dbclient exited, for some shells in BusyBox
346 - Server connections no longer timeout after 5 minutes
348 - Fixed stupid DSS hostkey typo (server couldn't load host keys)
350 0.44test2 - Tues Aug 17 2004 17:43:54 +0800
352 - Fix up dropbearmulti targets in the Makefile - symlinks are now created
354 - Compile fake-rfc2553 even with dropbearconvert/dropbearkey - this
355 allows them to work on platforms without a native getaddrinfo()
357 - Create ~/.ssh/known_hosts properly if it doesn't exist
359 - Fix basename() function prototype
361 - Backport some local changes (more #ifdefs for termcodes.c, a fix for missing
364 - Let dbclient be run as "ssh"
366 - Initialise mp_ints by default
368 0.44test1 - Sun Aug 16 2005 17:43:54 +0800
370 - TESTING RELEASE - this is the first public release of the client codebase,
371 so there are sure to be bugs to be found. In addition, if you're just using
372 the server portion, the final binary size probably will increase - I'll
373 be trying to get it back down in future releases.
375 - Dropbear client added - lots of changes to the server code as well to
378 - IPv6 support added for client, server, and forwarding
380 - New makefile with more generic support for multiple-program binaries
382 0.43 - Fri Jul 16 2004 17:44:54 +0800
384 - SECURITY: Don't try to free() uninitialised variables in DSS verification
385 code. Thanks to Arne Bernin for pointing out this bug. This is possibly
386 exploitable, all users with DSS and pubkey-auth compiled in are advised to
389 - Clean up agent forwarding socket files correctly, patch from Gerrit Pape.
391 - Don't go into an infinite loop when portforwarding to servers which don't
392 send any initial data/banner. Patch from Nikola Vladov
394 - Fix for network vs. host byte order in logging remote TCP ports, also
397 - Initialise many pointers to NULL, for general safety. Also checked cleanup
398 code for mp_ints (related to security issues above).
400 0.42 - Wed Jun 16 2004 12:44:54 +0800
402 - Updated to Gerrit Pape's official Debian subdirectory
404 - Fixed bad check when opening /dev/urandom - thanks to Danny Sung.
406 - Added -i inetd mode flag, and associated options in options.h . Dropbear
407 can be compiled with either normal mode, inetd, or both modes. Thanks
408 to Gerrit Pape for basic patch and motivation.
410 - Use <dirent.h> rather than <sys/dir.h> for POSIX compliance. Thanks to Bill
413 - Fixed a TCP forwarding (client-local, -L style) bug which caused the whole
414 session to close if the TCP connection failed. Thanks to Andrew Braund for
415 reporting it and helping track it down.
417 - Re-enable sigpipe for child processes. Thanks to Gerrit Pape for some
418 suggestions, and BSD manpages for a clearer explanation of the behaviour.
420 - Added manpages, thanks to Gerrit Pape.
422 - Changed license text for LibTomCrypt and LibTomMath.
424 - Added strip-static target
426 - Fixed a bug in agent-forwarding cleanup handler - would segfault
427 (dereferencing a null pointer) if agent forwarding had failed.
429 - Fix behaviour of authorized_keys parsing, so larger (>1024 bit) DSA keys will
430 work. Thanks to Dr. Markus Waldeck for the report.
432 - Fixed local port forwarding code so that the "-j" option will make forwarding
433 attempts fail more gracefully.
435 - Allow repeated requests in a single session if previous ones fail - this fixes PuTTY and some other SCP clients, which try SFTP, then fall-back to SCP if it
436 isn't available. Thanks to Stirling Westrup for the report.
438 - Updated to LibTomCrypt 0.96 and LibTomMath 0.30. The AES code now uses
439 smaller non-precomputed tables if DROPBEAR_SMALL_CODE is defined in
440 options.h, leading to a significant reduction in the binary size.
442 0.41 - Mon Jan 19 2004 22:40:19 +0800
444 - Fix in configure so that cross-compiling works, thanks to numerous people for
445 reporting and testing
447 - Terminal mode parsing now handles empty terminal mode strings (sent by
448 Windows ssh.com clients), thanks to Ricardo Derbes for the report
450 - Handling is improved for users with no shell specified in /etc/passwd,
451 thanks again to Ricardo Derbes
453 - Fix for compiling with --disable-syslog, thanks to gordonfh
455 - Various minor fixes allow scp to work with irix, thanks to Paul Marinceu for
458 - Use <stropts.h> not <sys/stropts.h>, since the former seems more common
460 0.40 - Tue Jan 13 2004 21:05:19 +0800
462 - Remote TCP forwarding (-R) style implemented
464 - Local and remote TCP forwarding can each be disabled at runtime (-k and -j
467 - Fix for problems detecting openpty() with uClibc - many thanks to various
468 people for reporting and testing fixes, including (in random order) Cristian
469 Ionescu-Idbohrn, James Ewing, Steve Dover, Thomas Lundquist and Frederic
472 - Improved portability for IRIX, thanks to Paul Marinceu
474 - AIX and HPUX portability fixes, thanks to Darren Tucker for patches
476 - prngd should now work correctly, thanks to Darren Tucker for the patch
478 - scp compilation on systems without strlcpy() is fixed, thanks to Peter
479 Jannesen and David Muse for reporting it (independently and simultaneously :)
481 - Merged in new LibTomCrypt 0.92 and LibTomMath 0.28
483 0.39 - Tue Dec 16 2003 15:19:19 +0800
485 - Better checking of key lengths and parameters for DSS and RSA auth
487 - Print fingerprint of keys used for pubkey auth
489 - More consistent logging of usernames and IPs
491 - Added option to disable password auth (or just for root) at runtime
493 - Avoid including bignum functions which don't give much speed benefit but
496 - Added a stripped down version of OpenSSH's scp binary
498 - Added additional supporting functions for Irix, thanks to Paul Marinceu
500 - Don't check for unused libraries in configure script
502 - Removed trailing comma in algorithm lists (thanks to Mihnea Stoenescu)
504 - Fixed up channel close handling, always send close packet in response
505 (also thanks to Mihnea Stoenescu)
507 - Various makefile improvements for cross-compiling, thanks to Friedrich
508 Lobenstock and Mihnea Stoenescu
510 - Use daemon() function if available (or our own copy) rather than separate
511 code (thanks to Frédéric Lavernhe for the report and debugging, and Bernard
512 Blackham for his suggestion on what to look at)
514 - Fixed up support for first_kex_packet_follows, required to talk to ssh.com
515 clients. Thanks to Marian Stagarescu for the bug report.
517 - Avoid using MAXPATHLEN, pointer from Ian Morris
519 - Improved input sanity checking
521 0.38 - Sat Oct 11 2003 16:28:13 +0800
523 - Default hostkey path changed to /etc/dropbear/dropbear_{rsa,dss}_host_key
524 rather than /etc/dropbear_{rsa,dss}_host_key
526 - Added SMALL and MULTI text files which have info on compiling for multiple
527 binaries or small binaries
529 - Allow for commandline definition of some options.h settings
532 - Be more careful handling EINTR
534 - More fixes for channel closing
536 - Added multi-binary support
538 - Improved logging of IPs, now get logged in all cases
540 - Don't chew cpu when waiting for version identification string, also
541 make sure that we kick off people if they don't auth within 5 minutes.
543 - Various small fixes, warnings etc
545 - Display MOTD if requested - suggested by
546 Trent Lloyd <lathiat at sixlabs.org> and
547 Zach White <zwhite at darkstar.frop.org>
549 - sftp support works (relies on OpenSSH sftp binary or similar)
551 - Added --disable-shadow option (requested by the floppyfw guys)
553 0.37 - Wed Sept 24 2003 19:42:12 +0800
555 - Various portability fixes, fixes for Solaris 9, Tru64 5.1, Mac OS X 10.2,
558 - Updated LibTomMath to 0.27 and LibTomCrypt to 0.90
560 - Renamed util.{c,h} to dbutil.{c,h} to avoid conflicts with system util.h
562 - Added some small changes so it'll work with AIX (plus Linux Affinity).
563 Thanks to Shig for them.
565 - Improved the closing messages, so a clean exit is "Exited normally"
567 - Added some more robust integer/size checking in buffer.c as a backstop for
570 - X11 forwarding fixed for OSX, path for xauth changed to /usr/X11R6/bin/xauth
572 - Channel code handles closing more nicely, doesn't sit waiting for an extra
573 keystroke on BSD/OSX platforms, and data is flushed fully before closing
574 child processes (thanks to
575 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com> for
578 - Changed "DISABLE_TCPFWD" to "ENABLE_TCPFWD" (and for x11/auth) so
579 "disable DISABLE_TCPWD" isn't so confusing.
581 - Fix authorized_keys handling (don't crash on too-long keys, and
582 use fgetc not getc to avoid strange macro-related issues), thanks to
583 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com>
584 and Steve Rodgers <hwstar at cox.net> for reporting and testing.
586 - Fixes to the README with regard to uClibc systems, thanks to
587 Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn at axis.com>,
588 as well as general improvements to documentation (split README/INSTALL)
590 - Fixed up some compilation problems with dropbearconvert/dropbearkey if
591 DSS or RSA were disabled, reported by Patrik Karlsson <patrik at cqure.net>
593 - Fix double-free bug for hostkeys, reported by
594 Vincent Sanders <vince at kyllikki.org>
596 - Fix up missing \ns from dropbearconvert help message,
597 thanks to Mordy Ovits <movits at bloomberg.com> for the patch
599 0.36 - Tue August 19 2003 12:16:23 +0800
601 - Fix uninitialised temporary variable in DSS signing code
602 (thanks to Matthew Franz <mdfranz at io.com> for reporting, and the authors
603 of Valgrind for making it easy to track down)
604 - Fix remote version-string parsing error
605 (thanks to Bernard Blackham <bernard at blackham.com.au> for noticing)
606 - Improved host-algorithm-matching algorithm in algo.c
607 - Decreased MAX_STRING_LEN to a more realistic value
608 - Fix incorrect version (0.34) in this CHANGES file for the previous release.
610 0.35 - Sun August 17 2003 05:37:47 +0800
612 - Fix for remotely exploitable format string buffer overflow.
613 (thanks to Joel Eriksson <je at bitnux.com>)
615 0.34 - Fri August 15 2003 15:10:00 +0800
617 - Made syslog optional, both at compile time and as a compile option
618 (suggested by Laurent Bercot <ska at skarnet.org>)
619 - Fixup for bad base64 parsing in authorized_keys
620 (noticed by Davyd Madeley <davyd at zdlcomputing.com>)
621 - Added initial tcp forwarding code, only -L (local) at this stage
622 - Improved "make install" with DESTDIR and changing ownership seperately,
623 don't check for setpgrp on Linux for crosscompiling.
624 (from Erik Andersen <andersen at codepoet.org>)
625 - More commenting, fix minor compile warnings, make return values more
627 - Various signedness fixes
628 - Can listen on multiple ports
629 - added option to disable openpty with configure script,
630 (from K.-P. Kirchdörfer <kapeka at epost.de>)
631 - Various cleanups to bignum code
632 (thanks to Tom St Denis <tomstdenis at iahu.ca>)
633 - Fix compile error when disabling RSA
634 (from Marc Kleine-Budde <kleine-budde at gmx.de>)
635 - Other cleanups, splitting large functions for packet and kex handling etc
637 0.33 - Sun June 22 2003 22:24:12 +0800
639 - Fixed some invalid assertions in the channel code, fixing the server dying
640 when forwarding X11 connections.
641 - Add dropbearconvert to convert to/from OpenSSH host keys and Dropbear keys
642 - RSA keys now keep p and q parameters for compatibility -- old Dropbear keys
643 still work, but can't be converted to OpenSSH etc.
644 - Debian packaging directory added, thanks to
645 Grahame (grahame at angrygoats.net)
646 - 'install' target added to the makefile
647 - general tidying, improve consistency of functions etc
648 - If RSA or DSS hostkeys don't exist, that algorithm won't be used.
649 - Improved RSA and DSS key generation, more efficient and fixed some minor bugs
650 (thanks to Tom St Denis for the advice)
651 - Merged new versions of LibTomCrypt (0.86) and LibTomMath (0.21)
653 0.32 - Sat May 24 2003 12:44:11 +0800
655 - Don't compile unused code from libtomcrypt (test vectors etc)
656 - Updated to libtommath 0.17 and libtomcrypt 0.83. New libtommath results
657 in smaller binary size, due to not linking unrequired code
658 - X11 forwarding added
659 - Agent forwarding added (for OpenSSH.com ssh client/agent)
660 - Fix incorrect buffer freeing when banners are used
661 - Hostname resolution works
662 - Various minor bugfixes/code size improvements etc
664 0.31 - Fri May 9 2003 17:57:16 +0800
666 - Improved syslog messages - IP logging etc
667 - Strip control characters from log messages (specified username currently)
668 - Login recording (utmp/wtmp) support, so last/w/who work - taken from OpenSSH
669 - Shell is started as a proper login shell, so /etc/profile etc is sourced
670 - Ptys work on Solaris (2.8 x86 tested) now
671 - Fixed bug in specifying the rsa hostkey
672 - Fixed bug in compression code, could trigger if compression resulted in
673 larger output than input (uncommon but possible).
675 0.30 - Thu Apr 17 2003 18:46:15 +0800
677 - SECURITY: buffer.c had bad checking for buffer increment length - fixed
678 - channel code now closes properly on EOF - scp processes don't hang around
679 - syslog support added - improved auth/login/failure messages
680 - general code tidying, made return codes more consistent
681 - Makefile fixed for dependencies and makes libtomcrypt as well
682 - Implemented sending SSH_MSG_UNIMPLEMENTED :)
684 0.29 - Wed Apr 9 2003
686 - Fixed a stupid bug in 0.28 release, 'newstr = strdup(oldstr)',
689 0.28 - Sun Apr 6 2003
691 - Initial public release
693 Development was started in October 2002