Re: Legacy option for key length?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

On Mon, Jan 01, 2018 at 07:52:26AM -0800, Peter Moody wrote:
> I would prefer that:
> 
>  * commercial vendors patched the software they sold
>  * people who purchased from these vendors to take responsibility for
> their actions and apply pressure on the commercial vendors rather than
> the free software developers who provide the client software, for
> free.

You *are* aware what people are talking about?  Like, management cards
for UPSes and such, where the important part is "will that UPS provide
reliable power for a reasonable price", a secondary question is "can I
monitor that thing in a reasonable way?", and a very very very minor
influencing factor is "will the management card do SNMPv3, or SSH with o
2048 bit RSA key size"?

Your extreme point of view is just unrealistic for such devices and
vendors.


> and I'm not sure what your bugaboo is about a fractured user base; at
> any given time there are probably hundreds of different versions of
> openssh being distributed due to different os's, distros, etc.
> 
> by the way, do you not see that every one of your arguments about the
> openssh client can be applied, almost verbatim, to the vendor supplied
> sshd? with the obvious exception that one is supplied by a commercial
> vendor.

Like, "making updates, and all of a sudden, working setups stop working"?

I *have* seen this, and usually because the vendor imported a newer version
of OpenSSH, which broke existing functionality :-) (like, Fortigate, which
all of a sudden did not authenticate users with DSA keys anymore, and no
mentioning of it in the release notes...).

gert
-- 
now what should I write here...

Gert Doering - Munich, Germany                             gert@xxxxxxxxxxxxxx

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux