Date: Tue, 09 Jul 2002 10:21:54 -0700 From: "Kevin Oberman" <oberman@es.net> To: Doug Barton <DougB@FreeBSD.org> Cc: Jay Sachs <jay@eziba.com>, stan <stanb@awod.com>, FreeBSD Stable Mailing List <freebsd-stable@FreeBSD.org>, des@FreeBSD.org Subject: Re: ssh to remote machines problem after cvsup Message-ID: <20020709172154.58E175D03@ptavv.es.net> In-Reply-To: Your message of "Tue, 09 Jul 2002 10:09:29 PDT." <3D2B18C9.B266193A@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Tue, 09 Jul 2002 10:09:29 -0700 > From: Doug Barton <DougB@FreeBSD.org> > Sender: owner-freebsd-stable@FreeBSD.ORG > > Jay Sachs wrote: > > > There are those of us who consider the protocol switch a good change, > > So you are free to do that on your systems. The problem is, whether you > think it's a good idea or not, it's already catching people by surprise, > and locking them out of their systems. The change should be reverted. Doug, This was discussed on stable (admittedly a bit late in the game) and every comment I saw favored making the change in Stable. An entry was made in UPDATING to warn people of the change. From a security standpoint alone the change is justified as protocol V1.5 has long required kludges to work around its problems while V2 was much more carefully crafted from the ground up and has no known problems. I am only talking about the protocol and no particular implementation. People should really be using V2 protocols in all cases except where remote systems still don't support it. (And, do you REALLY want to connect to those systems?) I will admit that I had pretty much converted everything of mine to use V2 long before this came up, so this really didn't have an impact on me. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020709172154.58E175D03>