GSI-OpenSSH is a modified version of OpenSSH that adds support for GSI authentication and credential forwarding (delegation), providing a single sign-on remote login and file transfer service. GSI-OpenSSH also includes High Performance Networking (HPN) updates for OpenSSH from the Pittsburgh Supercomputing Center, iSSHD/NERSCmod (run-time disabled by default), and TCP wrapper support. A new GSI-OpenSSH version 7.5p1b is now available that is compatible with OpenSSL 1.1 and includes security updates. The GSI-OpenSSH 7.5p1b deployment plan is available at:
All SPs are asked to deploy this GSI-OpenSSH 7.5p1b by 10/31/2017.
IMPORTANT NOTE: Per https://www.openssh.com/security.html many older versions are vulnerable to multiple security issues. Also older GSI-OpenSSH releases don’t support peers using newer OpenSSL 1.1. Hence, it’s imperative and strongly encouraged that all XSEDE GSI-OpenSSH SPs upgrade to this new GSI-OpenSSH release 7.5p1b.