Date: Fri, 28 Sep 2001 08:33:34 -0400 From: "Brian F. Feldman" <green@FreeBSD.org> To: Kris Kennaway <kris@obsecurity.org> Cc: Mike Silbersack <silby@silby.com>, Brian Feldman <green@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh atomicio.h auth-chall.c auth2-chall.c canohost.h clientloop.h groupaccess.c groupaccess.h kexdh.c kexgex.c log.h mac.c mac.h misc.c misc.h pathnames.h Message-ID: <200109281233.f8SCXZX57348@green.bikeshed.org> In-Reply-To: Message from Kris Kennaway <kris@obsecurity.org> of "Fri, 28 Sep 2001 01:35:27 PDT." <20010928013527.A8101@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway <kris@obsecurity.org> wrote:
> On Fri, Sep 28, 2001 at 01:58:57AM -0500, Mike Silbersack wrote:
> >
> > On Thu, 27 Sep 2001, Brian Feldman wrote:
> >
> > > The only difference between this and what's in -CURRENT is that the
> > > default /etc/ssh/ssh_config sets "Protocol 1,2" for all hosts. This can
> > > be overrided entirely in user ~/.ssh/config files, as always.
> >
> > Are there known compatibility problems with version 2 that this works
> > around, or is this just so that people don't get surprised when they need
> > to verify a new host key?
>
> If you change the protocol to 2,1 then your version 1 RSA keys won't
> be used by default because if the server can speak the ssh2 protocol
> then the client will try to auth with SSH2 keys first (which probably
> wont be set up to work, or may have different passphrases, etc) and
> then fall back to SSH2 password auth.
My easy solution is just to hardlink .ssh/{identity,id_rsa}{.pub,}.
--
Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! /
green@FreeBSD.org `------------------------------'
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109281233.f8SCXZX57348>