sshproxy project

I’m glad to announce the third beta of sshproxy-0.6.0.

Changes:

• new plugin: ttyrpld, a session recorder based on the ttyrpld log file format. To be able to replay the log files, you’ll need to install and run ttyreplay. Note: you don’t need to patch the kernel sources to be able to use this plugin or to replay logs. Thanks to Jan Engelhardt for his kindly help while I was implementing this plugin.
• new plugin: email_notifier to notify the proxy administrator about possible misconfigurations. Thanks to Michal Mazurek for this contribution.
• passwords can now contain non-ascii characters, and the tag password_encoding can be used to specify the charset (defaults to utf8). paramiko versions previous to 1.7.3 are runtime patched by an autoloaded plugin.
• paramiko/pycrypto random generator security issue is fixed at runtime with an autoloded plugin.
• several minor bug fixes.

You can download it here.

A crash disk occured on monday january 14 on the server hosting sshproxy-project.org website as well as the mailing lists. The server downtime has been a little longer than expected, but no data were lost in the replacement of the server.

I ordered a new server with a RAID array, and I will do the migration in the coming next weeks. I’m expecting little or no downtime during the migration.

You’re welcome to help keep the sshproxy web site online with a donation!

Following this thread, here is a security fix in the form of an auto-loadable plugin.

Just untar it in your plugin directory (plugin_dir in sshproxy.ini) and you’re safe to go — no need to modify sshproxy.ini to explicitely load it, however you still need to restart the sshproxyd daemon.

The file can be found here. It should be fully compatible with sshproxy 0.5.

If you’re using the source repository, you can update it now, the plugin has been commited.