Re: FYI: SSH1 now disabled at compile-time by default

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



No, I just think 15 years or so is more than enough time to have
addressed the issue.

On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote:
> So, this isn't your problem and you don't respect the people's whose
> problem it is.
> 
> On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan@xxxxxxxxxxxx> wrote:
> 
> > On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote:
> > > You're right.  My argument the is the next build of OpenSSH should be
> > > OpenSSH 7, and the one after that 8, then 9, then 10.  No minor releases?
> > > Sure, go ahead.  Deprecate the point,
> > >
> > > Do you manage any machines running SSHv1?
> > >
> >
> > If by "running" you mean accepting SSH1, of course not. From a security
> > perspective, no one should be using SSH1.
> >
> > For those who, for whatever reason, need to support systems that only
> > support SSH1, there are already sufficient solutions that have been
> > noted multiple times on this list.
> >
> > Those who are still using SSH1 have already demonstrated the fact that
> > they are slow to embrace new technology, so I would not be surprised to
> > find that the majority of them are also slow to upgrade to newer
> > versions of OpenSSH. I would also not be surprised to find that many of
> > them are still using telnet to manage their routers.
> >
> > --
> > Iain Morgan
> >

-- 
Iain Morgan
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux