OpenSSH 8.2 has been released this Valentine’s Day. It comes with support for FIDO/U2F hardware authenticators, bug fixes, various improvements, and other changes.
OpenSSH which includes sFTP client and server support is a 100% complete SSH protocol 2.0 implementation. Its latest version OpenSSH 8.2 was released on 14 February. It has support for FIDO/U2F hardware authenticators. U2F/FIDO are open standards for inexpensive two-factor authentication (2FA) hardware that are widely used for website authentication.
FIDO/U2F support
In addition to FIDO/U2F support in OpenSSH 8.2, this new release of OpenSSH has other changes such as further defenestrating SSH-RSA for certificate signatures. These changes can affect ssh(1), sshd(8), ssh-keygen(1), ssh-sk-helper(8) configurations.
In the OpenSSH 8.2 release note, they noticed that they will be disabling the “ssh-rsa” public key signature algorithm that depends on SHA-1 by default in a near-future release. They advise users better alternatives like the RFC8332 RSA SHA-2 signature algorithms, the ssh-ed25519 signature algorithm, the RFC5656 ECDSA algorithms. OpenSSH 8.2 also comes with bug fixes, other new features.
Download: OpenSSH 8.2 Portable