Re: FYI: SSH1 now disabled at compile-time by default

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, Mar 26, 2015 at 20:11:28 +0000, Alex Bligh wrote:
> 
> On 26 Mar 2015, at 19:43, Iain Morgan <imorgan@xxxxxxxxxxxx> wrote:
> > Those who are still using SSH1 have already demonstrated the fact that
> > they are slow to embrace new technology, so I would not be surprised to
> > find that the majority of them are also slow to upgrade to newer
> > versions of OpenSSH. I would also not be surprised to find that many of
> > them are still using telnet to manage their routers.
> 
> Really?
> 
> I use ssh2 everywhere (obviously). Occasionally I need to connect to
> an old Cisco box that cannot be upgraded to support new ssh protocols
> because it the flash is not large enough. It's locked down by IP
> address, and behind a firewall, but the only option other than ssh is
> telnet. I'd like my normal client to support sshv2 and sshv1. I don't mind
> having to explicitly request this on the command line, nor do
> I mind warnings. I don't think this use case is particularly unusual
> given ssh is a 'swiss army knife' tool. Does the fact I still like
> my odd-tool-that-removes-the-stones-from-horses-hooves make me
> slow to embrace the shiny sharp blade?
> 
> Or (to put this another way) - fine, disable at compile-time
> by default if you want. But please also make it possible to
> have it compiled in but produce a warning and require explicit
> confirmation or something. This would encourage the distros
> to choose either one of those things, rather than simply
> change the compilation option back.
> 
> -- 
> Alex Bligh
> 

So, there's already a compile-time option to enable SSH1 support. And, I
rather suspect that some OS distributors will enable tht option by
default and others might provide both flavors. This is merely a change
to the default for OpenBSD and stock portable OpenSSH.

-- 
Iain Morgan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux