From owner-freebsd-security  Thu Mar 25  7:51:51 1999
Delivered-To: freebsd-security@freebsd.org
Received: from fledge.watson.org (FLEDGE.RES.CMU.EDU [128.2.93.229])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1957614A14; Thu, 25 Mar 1999 07:51:47 -0800 (PST)
	(envelope-from robert@cyrus.watson.org)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.8.8/8.8.8) with SMTP id KAA00655;
	Thu, 25 Mar 1999 10:51:26 -0500 (EST)
	(envelope-from robert@cyrus.watson.org)
Date: Thu, 25 Mar 1999 10:51:26 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
X-Sender: robert@fledge.watson.org
Reply-To: Robert Watson <robert+freebsd@cyrus.watson.org>
To: Eivind Eklund <eivind@FreeBSD.ORG>
Cc: Sheldon Hearn <sheldonh@iafrica.com>,
	Mike Thompson <miket@dnai.com>,
	Matthew Dillon <dillon@apollo.backplane.com>,
	Gary Gaskell <gaskell@isrc.qut.edu.au>, freebsd-security@FreeBSD.ORG
Subject: Re: Kerberos vs SSH
In-Reply-To: <19990325154118.E57330@bitbox.follo.net>
Message-ID: <Pine.BSF.3.96.990325104851.483B-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 25 Mar 1999, Eivind Eklund wrote:

> On Thu, Mar 25, 1999 at 02:15:25PM +0200, Sheldon Hearn wrote:
> > On Wed, 24 Mar 1999 23:41:01 PST, Mike Thompson wrote:
> > > I am currently looking into what the licensing costs would be 
> > > for us to license SSH v2 for our servers.  Does BEST.COM pay
> > > to license SSH v1 or SSH v2 for internal use?
> > 
> > There are no licensing costs involved in using ssh1.
> 
> This is false, for most reasonable definitions of 'use'.
> 
> In particular, the use to which Mike Thompson (the original poster)
> said he would put the software is explicitly covered in the license
> for ssh (COPYING in the main ssh source directory) as needing
> commercial licensing from Data Fellows.

My impression was that a license was needed from RSA to use RSA public key
routines commercially.  The Data Fellows purchase would cover that also, I
believe.

One nice side to using SSH w/kerberos instead of just kerberized utilities
is that tunneling of X programs occurs automatically with ssh/slogin.

Any chance of K5 becoming the default version of kerberos distributed with
FreeBSD sometime? :-)

  Robert N Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: 03 01 DD 8E 15 67 48 73  25 6D 10 FC EC 68 C1 1C

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
Safeport Network Services             http://www.safeport.com/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message