Date: Mon, 6 Mar 2000 11:29:39 +0100 From: Edwin Kremer <edwin+freebsd-current@cs.uu.nl> To: freebsd-current@FreeBSD.ORG Subject: Re: openssh question Message-ID: <20000306112939.A24401@cs.uu.nl> In-Reply-To: <200003060920.CAA57713@harmony.village.org>; from imp@village.org on Mon, Mar 06, 2000 at 02:20:35AM -0700 References: <200003060833.AAA18027@windsor.research.att.com> <200003060920.CAA57713@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Mar 06, 2000 at 02:20:35AM -0700, Warner Losh wrote: : OpenSSH inherited this from the 1.2.12 version it started from. On a side note: last week, Tatu Ylonen, principal author of SSH, posted a message on the SSH mailing-list (in the thread about the new SSH2 license) saying that: " OpenSSH is based on my version from back in 1995 or 1996. The OpenSSH " folks have fixed many of the (security) bugs in that version, but not " all of them when I last checked. Some of the problems in SSH1 are " very fundamental. " " I do not recommend use of OpenSSH (or SSH1 generally, for that matter). There hasn't been much followup on this. Anybody here who cares to comment on this? What issues are relevant here and how bad is it? Best regards, -- Edwin H. Kremer, senior systems- and network administrator. <edwin@cs.uu.nl> Dept. of Computer Science, Utrecht University, The Netherlands [WHOIS: ehk3] -------------------- http://www.cs.uu.nl/people/edwin/ ----------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000306112939.A24401>