Tess Gauthier

I think we can solve this by bypassing the component that sets up the service during upgrades. @heaths hoping to get your input on this - would the best approach...

Can the new feature with the ssh-agent service be a child of both the `CLIENT` and the `SERVER`? The option to setup the ssh-agent service should be given if either...

> my original recommendation stands: just remove the `SERVER` feature per the previous command line I think that would work if this issue was about the `sshd service`, but it's...

/AzurePipelines run

@kor44, ah ok - I tested with the latest Win32-OpenSSH (version 9.5) as the server & client (with the proposed change). My primary concern is the behavior on the latest...

> Should I make some actions to merge this pull request? No, the PR needs to be approved before it can be merged. I'm still concerned about the behavior change...

Thanks for opening as a separate issue! There is still work that needs to be done to support this on Windows.

In this case, Win32-OpenSSH is affected in the same way that OpenSSH-Portable, the upstream codebase, is. The release notes for upstream 9.6 have additional context - [9.6 release notes](https://www.openssh.com/txt/release-9.6) -...

That's not currently planned for this issue - [here](https://www.microsoft.com/en-us/msrc/windows-security-servicing-criteria#:~:text=The%20criteria%20used%20by%20Microsoft%20when%20evaluating%20whether,of%20the%20vulnerability%20meet%20the%20bar%20for%20servicing%3F) is more info on the servicing criteria for Windows.

- commit: https://github.com/PowerShell/openssh-portable/commit/e7010dc405279e32d26daf6b94134bf04761a4db. - yes, https://github.com/PowerShell/openssh-portable/releases/tag/v9.5.0.0 has the mitigation in place. - no, it has not been backported to other tags in the repository.