Re: FYI: SSH1 now disabled at compile-time by default

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



So, this isn't your problem and you don't respect the people's whose
problem it is.

On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan@xxxxxxxxxxxx> wrote:

> On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote:
> > You're right.  My argument the is the next build of OpenSSH should be
> > OpenSSH 7, and the one after that 8, then 9, then 10.  No minor releases?
> > Sure, go ahead.  Deprecate the point,
> >
> > Do you manage any machines running SSHv1?
> >
>
> If by "running" you mean accepting SSH1, of course not. From a security
> perspective, no one should be using SSH1.
>
> For those who, for whatever reason, need to support systems that only
> support SSH1, there are already sufficient solutions that have been
> noted multiple times on this list.
>
> Those who are still using SSH1 have already demonstrated the fact that
> they are slow to embrace new technology, so I would not be surprised to
> find that the majority of them are also slow to upgrade to newer
> versions of OpenSSH. I would also not be surprised to find that many of
> them are still using telnet to manage their routers.
>
> --
> Iain Morgan
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux