Re: FYI: SSH1 now disabled at compile-time by default

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Friday 27 March 2015 14:45:13 Gert Doering wrote:
> Hi,
> 
> On Fri, Mar 27, 2015 at 02:36:50PM +0100, Hubert Kario wrote:
> > > Same thing with needing sshv1 to access old network gear where even
> > > sshv1
> > > was an achievement.  "Throw away gear that does its job perfectly well,
> > > but has no sshv2 for *management*" or "keep around an ssh v1 capable
> > > client"?
> > 
> > If you depend on hardware like this, you should have support* for it.
> > Exactly because issues like this.
> > 
> >  * - where "support" means that either you have other people responsible
> >  for
> > 
> > fixing it or that you can hire other people to fix it as the need arises
>
> Try opening a case with HP that their ILO is broken and stupid, and they
> will happily sell you a new machine with a less broken ILO (or "differently"
> broken), but not do stuff like "add sane ciphers to an ILO2".  Same for
> Cisco - of course you can buy a new machine with SSHv2, but for the old
> one, they will do hardware replacement if it breaks, but no "new features
> in the software"...

then vote with your wallet

as long as you keep buying broken hardware, they will keep selling broken 
hardware

> Yes, it would be so cool if we could just pay someone to put Linux on
> our routing gear and give us a SSHv2 server (without breaking the functions
> that the device is important for, like "routing").  Right.

Linux can work as a router. And nowadays most of network appliances are just 
regular x86 PCs with nice GUI on top.

-- 
Regards,
Hubert Kario

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux