From owner-freebsd-security Tue May 16 0:31:35 2000 Delivered-To: freebsd-security@freebsd.org Received: from nsm.htp.org (nsm.htp.org [202.241.243.104]) by hub.freebsd.org (Postfix) with SMTP id 29E9437B537 for ; Tue, 16 May 2000 00:31:28 -0700 (PDT) (envelope-from sen_ml@eccosys.com) Received: (qmail 22359 invoked from network); 16 May 2000 07:27:54 -0000 Received: from localhost (127.0.0.1) by localhost with SMTP; 16 May 2000 07:27:54 -0000 To: security@freebsd.org Subject: Re: SSH1, SSH2, RSA, DES, etc etc From: sen_ml@eccosys.com In-Reply-To: <00bf01bfbf06$2d28f0b0$deff58c1@sos> References: <00bf01bfbf06$2d28f0b0$deff58c1@sos> X-Mailer: Mew version 1.94.1 on Emacs 20.6 / Mule 4.0 (HANANOEN) X-No-Archive: Yes Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20000516163125D.1001@eccosys.com> Date: Tue, 16 May 2000 16:31:25 +0900 X-Dispatcher: imput version 20000228(IM140) Lines: 41 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: "Morten Seeberg" Subject: SSH1, SSH2, RSA, DES, etc etc Date: Tue, 16 May 2000 09:13:01 +0200 Message-ID: <00bf01bfbf06$2d28f0b0$deff58c1@sos> > Does anyone know a good link to an explanation of these? not off-hand -- for crypto stuff, the book "applied cryptography 2nd ed" has pretty good descriptions of various algorithms. the handbook of applied cryptography is available via http or ftp as well, but i haven't read that myself. perhaps someone can provide a link. > Like why would I want to use SSHx instead of SSHxx, there have been some posts to the ssh mailing list concerning why use ssh1 over ssh2 or vice versa. you might consider asking there. things going for ssh1: -tested more heavily (much longer history of being deployed) -protocol is much simpler than ssh2 (less to screw up in implementation and design) things going for ssh2: -ietf drafts exist for ssh2 (will probably reach rfc status if this hasn't happened already) -has fixed a problem (may be more than one?) that exists in the ssh1 protocol there are other differences too, but none of them seemed to be clearly favorable to me. btw, iirc, openssh has (or will have soon) support for both protocol versions. > and why encrypt with RSA instead of DES, blowfish and whatnot :) to nitpick: you probably wouldn't want to be comparing a public key algorithm (RSA) w/ a symmetric key algorithm (DES) in this kind of context :-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message