Security-related issues may be sent to the private list openssh@openssh.com which is read only by the OpenSSH developers. It is not appropriate for general enquiries; see below for more appropriate places for those.
The Linux/Unix port of OpenSSH has a read-only mailing list openssh-unix-announce@mindrot.org. This list carries announcements of updated versions and related software. This list is closed for public posting and is very low-volume.
Information on subscription and list account management may be found here.
The openssh-unix-dev list (openssh-unix-dev@mindrot.org) is for the discussions relating to the development of both the portable and OpenBSD version of OpenSSH.
Traffic is light to moderate (zero to twenty messages per day). Valid subjects are the development of OpenSSH (both portable and OpenBSD versions), documentation and troubleshooting (assuming you have read the manual). HTML, "rich text" formatted email and large attachments are NOT PERMITTED. Posting requests for help which demonstrate your lack of familiarity with the basic documentation is likely to result in only "RTFM" responses, so please check it first.
Discussion of commercial products is *off topic* for this mailing list, except when it arises in the context of OpenSSH development (e.g. discussing interoperability).
The list is open to non-subscribers although they may be subject to a one-time address validation. Small attachments (such as diff files) are acceptable within the bounds of common sense. The list is archived by MARC.
More information on subscription and list account management may be found at the openssh-unix-dev@mindrot.org information page.
General support (especially regarding interoperability issues) may also be found at the newsgroup comp.security.ssh.
The archive of the former secureshell@securityfocus.com list at MARC may provide additional historical information.