suSSHi Proxy

Overview

Release

Upgrade Path

Image

24.02

>= 20.08

hub.susshi.io/susshi-proxy:24.02

24.01

>= 20.08

hub.susshi.io/susshi-proxy:24.01

23.10

>= 20.08

hub.susshi.io/susshi-proxy:23.10

22.10

>= 20.08

hub.susshi.io/susshi-proxy:22.10

21.12

>= 20.08

hub.susshi.io/susshi-proxy:21.12

21.10

>= 20.08

hub.susshi.io/susshi-proxy:21.10

21.05.2

>= 20.08

hub.susshi.io/susshi-proxy:21.05.2

21.03

>= 20.08

hub.susshi.io/susshi-proxy:21.03

20.08.2

>= 19.12

hub.susshi.io/susshi-proxy:20.08.2

20.06

>= 19.12

hub.susshi.io/susshi-proxy:20.06

20.05

>= 19.12

hub.susshi.io/susshi-proxy:20.05

Tip

Additionally, these images are also available through our private registry registry.susshi.io.

Release 24.01

Information

  • This is a maintenance release including library and container updates.

Release 24.01

Information

  • This is a maintenance release including library and container updates.

Security Notes

  • Update libSSH to 0.10.6, which addresses the following security vulnerabilities: * CVE-2023-48795: Avoid potential downgrade attacks by implementing strict kex. * Other CVEs addressed by libSSH do not apply to suSSHi.

Release 23.10

Information

  • This is a maintenance release including library and container updates.

Release 22.10

Information

  • This is a maintenance release including library and container updates.

Release 21.12

Information

  • This is a maintenance release.

Bug Fixes

  • Fixed an issue with “Susshi Banner too large” error message and session termination on high latency network connections between gateway and proxy.

Release 21.10

Information

  • This is a maintenance release.

Release 21.05.2

Bug Fixes

  • Fix issue with Bastion daemon not working after container restart.

Release 21.03

Improvements

  • Image size decreased by more than 15%.

Release 20.08.2

Improvements

  • Updated container base image to Ubuntu 20.04 LTS.

Release 20.06

Information

  • This is a maintenance release.

Release 20.05

Warning

This release is backward compatible to suSSHi Gateways from version 19.12 or newer. To use the new suSSHi Proxy Bastion feature, suSSHi Gateway and suSSHi Proxy must be updated to version 20.05 or later.

New Features

  • suSSHi Proxy Bastions

    With the suSSHi Proxy Bastions feature, a suSSHi Proxy can act as a SSH endpoint for users having the need for port-forwarding only, but no interactive session is required. This can be used when a proxy is deployed in a remote environment like a cloud tenant and the users don’t need SSH access to a target host within the remote environment, but want to establish a port forwarding to applications like RDP, for example.

    To start a suSSHi Proxy Bastion session, the user just uses gateway-user@proxy-realm syntax as the gateway user:

    ssh -L 8443:webserver:443 -l myuser@proxy15 <gateway>
ssh -D 1080 -l myuser@proxy15 <gateway>

  • IPv6 Support

    In addition to the already existing support for IPv6 between suSSHi Gateway and suSSHi Proxy, the suSSHi Proxy now also support IPv6 to connect to a target. The container has to be run in a container environment supporting IPv6 and the listening ports have to be configured for an IPv6 listener accordingly.

Improvements

  • Starting with version 20.05, all processes of the suSSHi Proxy container will be changed to an unprivileged user named “susshi” after startup.