We stand with Ukraine to help keep people safe. Join us
OpenSSH
OpenSSH
3.0
0.0
OpenSSH free download for Mac

OpenSSH

Version 9.0

SSH protocol connectivity tools.

3.0
Based on 2 user ratesRead reviews & comments
Free
Absolutely Free

OpenSSH overview

OpenSSH is a free version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

Note: While the software is classified as free, it is actually donationware. Please consider making a donation to help support development.

What’s new in version 9.0

Updated on Apr 09 2022

Potentially-incompatible changes:
  • This release switches scp(1) from using the legacy scp/rcp protocol to using the SFTP protocol by default.
  • Legacy scp/rcp performs wildcard expansion of remote filenames (e.g. "scp host:* .") through the remote shell. This has the side effect of requiring double quoting of shell meta-characters in file names included on scp(1) command-lines, otherwise they could be interpreted as shell commands on the remote side.
  • This creates one area of potential incompatibility: scp(1) when using the SFTP protocol no longer requires this finicky and brittle quoting, and attempts to use it may cause transfers to fail. We consider the removal of the need for double-quoting shell characters in file names to be a benefit and do not intend to introduce bug-compatibility for legacy scp/rcp in scp(1) when using the SFTP protocol.
  • Another area of potential incompatibility relates to the use of remote paths relative to other user's home directories, for example - "scp host:~user/file /tmp". The SFTP protocol has no native way to expand a ~user path. However, sftp-server(8) in OpenSSH 8.7 and later support a protocol extension "expand-path@openssh.com" to support this.
  • In case of incompatibility, the scp(1) client may be instructed to use the legacy scp/rcp using the -O flag.
New features:
  • ssh(1), sshd(8): use the hybrid Streamlined NTRU Prime + x25519 key exchange method by default ("sntrup761x25519-sha512@openssh.com"). The NTRU algorithm is believed to resist attacks enabled by future quantum computers and is paired with the X25519 ECDH key exchange (the previous default) as a backstop against any weaknesses in NTRU Prime that may be discovered in the future. The combination ensures that the hybrid exchange offers at least as good security as the status quo.
  • We are making this change now (i.e. ahead of cryptographically- relevant quantum computers) to prevent "capture now, decrypt later" attacks where an adversary who can record and store SSH session ciphertext would be able to decrypt it once a sufficiently advanced quantum computer is available.
  • sftp-server(8): support the "copy-data" extension to allow server- side copying of files/data, following the design in draft-ietf-secsh-filexfer-extensions-00. bz2948
  • sftp(1): add a "cp" command to allow the sftp client to perform server-side file copies.
Bugfixes:
  • ssh(1), sshd(8): upstream: fix poll(2) spin when a channel's output fd closes without data in the channel buffer. bz3405 and bz3411
  • sshd(8): pack pollfd array in server listen/accept loop. Could cause the server to hang/spin when MaxStartups > RLIMIT_NOFILE
  • ssh-keygen(1): avoid NULL deref via the find-principals and check-novalidate operations. bz3409 and GHPR#307 respectively.
  • scp(1): fix a memory leak in argument processing. bz3404
  • sshd(8): don't try to resolve ListenAddress directives in the sshd re-exec path. They are unused after re-exec and parsing errors (possible for example if the host's network configuration changed) could prevent connections from being accepted.
  • sshd(8): when refusing a public key authentication request from a client for using an unapproved or unsupported signature algorithm include the algorithm name in the log message to make debugging easier.
Portability:
  • sshd(8): refactor platform-specific locked account check, fixing an incorrect free() on platforms with both libiaf and shadow passwords (probably only Unixware) GHPR#284,
  • ssh(1), sshd(8): Fix possible integer underflow in scan_scaled(3) parsing of K/M/G/etc quantities. bz#3401.
  • sshd(8): provide killpg implementation (mostly for Tandem NonStop) GHPR#301.
  • Check for missing ftruncate prototype. GHPR#301
  • sshd(8): default to not using sandbox when cross compiling. On most systems poll(2) does not work when the number of FDs is reduced with setrlimit, so assume it doesn't when cross compiling and we can't run the test. bz#3398.
  • sshd(8): allow ppoll_time64 in seccomp sandbox. Should fix sandbox violations on some (at least i386 and armhf) 32bit Linux platforms. bz#3396.
  • Improve detection of -fzero-call-used-regs=all support in configure script.

Information

License

Free

Size

904 KB

Developer’s website

https://www.openssh.com/

Downloads

71221

App requirements

  • Intel 64
  • Intel 32
  • PPC 64
  • Mac OS X 10.1.5 or later
Try our new feature and write a detailed review about OpenSSH. All reviews will be posted soon.
Write your thoughts in our old-fashioned comment
MacUpdate Comment Policy. We strongly recommend leaving comments, however comments with abusive words, bullying, personal attacks of any type will be moderated.
0.0
(0 Reviews of )
There are no reviews yet
outer
outer
Apr 22 2012
6.0
0.0
Apr 22 2012
0.0
Version: 6.0
Does this coëxist with or overwrite Apple's implementation? If it overwrites, how can I know whether it will mess up other parts of my Apple-provided infrastructure?
Mac2048
Mac2048
Nov 19 2006
4.5
0.0
Nov 19 2006
0.0
Version: 4.5
I can't install OpenSSH 4.5 because it looks like the Makefile has a syntax error on line 3. It doesn't seem to like ".include" but it's happy with simply "include" without the dot. If I make that change then it gets a similar syntax error down in /usr/share/mk/bsd.own.mk (due to ".if" vs. "if"). I don't want to touch that file. The original error is: Makefile:3: *** missing separator. Stop. MacOS 10.2.8 (old, I know, which is why I want to upgrade ssh), /usr/bin/make is GNU Make version 3.79 Has anybody run into this?
Guest
Guest
Jul 28 2001
2.5.2
1.0
Jul 28 2001
1.0
Version: 2.5.2
Download is unusable when clicked. "File does not appear to be compressed or encoded. Obtain further information about the contents of this file from the sender or provider of the file." Thanks a lot. Me, bitter? Disappointed? An utter waste of download time!
Guest
Guest
Mar 28 2001
2.5.2
1.0
Mar 28 2001
1.0
Version: 2.5.2
err. ok. so it worked flawlessly today. whatever. It works like it should
Guest
Guest
Mar 26 2001
2.5.2
1.0
Mar 26 2001
1.0
Version: 2.5.2
unfortunately, wouldn't let the installation complete..and yes I did go through the whole process of typing in the admin password, trying three times, etc it also reset some of my preferences in the process. &^%$@^%!
Free
Absolutely Free
How would you rate OpenSSH?
Similar apps
ProxyCap
Tunnel applications through proxy and SSH servers.
Is this app is similar to ProxyCap? Vote to improve the quality of this list.
Vote results
0
Upvotes
1
Total score
0
Downvotes
SSH Proxy
Turn various remote SSH servers into SOCKS v5 proxies.
Is this app is similar to SSH Proxy? Vote to improve the quality of this list.
Vote results
0
Upvotes
1
Total score
0
Downvotes
SSH Tunnel
Manage and control your SSH tunnels.
Is this app is similar to SSH Tunnel? Vote to improve the quality of this list.
Vote results
0
Upvotes
1
Total score
0
Downvotes
SSH Shell
Secure one-click log-in.
Is this app is similar to SSH Shell? Vote to improve the quality of this list.
Vote results
0
Upvotes
1
Total score
0
Downvotes
Core Tunnel
Missing tunnel manager.
Is this app is similar to Core Tunnel? Vote to improve the quality of this list.
Vote results
0
Upvotes
1
Total score
0
Downvotes