Re: FYI: SSH1 now disabled at compile-time by default

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote:
> You're right.  My argument the is the next build of OpenSSH should be
> OpenSSH 7, and the one after that 8, then 9, then 10.  No minor releases?
> Sure, go ahead.  Deprecate the point,
> 
> Do you manage any machines running SSHv1?
> 

If by "running" you mean accepting SSH1, of course not. From a security
perspective, no one should be using SSH1.

For those who, for whatever reason, need to support systems that only
support SSH1, there are already sufficient solutions that have been
noted multiple times on this list.

Those who are still using SSH1 have already demonstrated the fact that
they are slow to embrace new technology, so I would not be surprised to
find that the majority of them are also slow to upgrade to newer
versions of OpenSSH. I would also not be surprised to find that many of
them are still using telnet to manage their routers.

-- 
Iain Morgan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux