OpenSSH 10.4 arrives with security fixes and a post-quantum signature option
Operators who manage remote access to Unix and Linux systems keep a close watch on OpenSSH, the software that carries most SSH traffic across the internet. The project released version 10.4 with eight security fixes, a set of bug corrections, and a couple of new features.

What the security fixes cover
Two of the security fixes came from the Swival Security Scanner. One covers sftp, where a malicious server could steer a command-line download such as “sftp host:/path .” to an unexpected location on the client machine. The other covers scp during copies between two remote hosts, where a malicious server could write files into the parent directory of the intended target.
Several fixes touch sshd, the server daemon. Its internal-sftp implementation, an option that operators turn on by hand, silently dropped arguments past the ninth on long command lines, which could discard a security-relevant setting placed later in the line. A related change makes DisableForwarding=yes override PermitTunnel=yes, matching the documented behavior. Another addresses a pre-authentication denial of service that could occur when GSSAPIAuthentication was turned on, a feature that ships off by default. The same release adds a documentation note that GSSAPIStrictAcceptorCheck becomes ineffective once the server joins a Windows Active Directory.
The minimum authentication delay, a timing measure that limits how fast an attacker can test passwords, was skipped in some cases, and 10.4 enforces it. On the client side, ssh carried a use-after-free that could trigger if a server changed its host key during a key reexchange, a memory bug.
A post-quantum signature to test
The release adds experimental support for a signature scheme that pairs ML-DSA 44 with Ed25519, following the draft-miller-sshm-mldsa44-ed25519-composite-sigs specification. The scheme combines the two algorithms into one composite signature and stays off by default. Administrators who want to try it add the algorithm to settings such as HostKeyAlgorithms and PubkeyAcceptedAlgorithms, then generate keys with ssh-keygen -t mldsa44-ed25519.
A second feature replaces the wildcard pattern matcher with one built on a nondeterministic finite automaton. The change removes the exponential worst-case running time that the old code could hit on certain patterns.
Other fixes across the tools
General repairs round out the release. sftp gained fixes for small out-of-bounds reads, and its ls -ln listing again shows numeric user and group IDs. The crypto code picked up signature malleability and public key validity checks for ed25519 verification, and ssh-agent now caps the length of usernames in key use constraints to guard against a runtime denial of service.
Changes that may affect existing setups
Three changes could break some configurations. The dump from sshd -G now prints directives in mixed case, such as PubkeyAuthentication, where earlier versions emitted lower case. On Linux hosts running the seccomp sandbox, a failure to enable SECCOMP or NO_NEW_PRIVS is now fatal, so systems that lack these should disable the sandbox at configure time. The transport layer grew stricter and will disconnect a peer that sends non-key-exchange messages during a post-authentication rekey, a memory-wasting behavior.