From owner-freebsd-security Tue Jan 4 9:43:38 2000
Date: Tue, 4 Jan 2000 12:38:23 -0500
From: David Rankin
To: Markus Friedl
Cc: David Rankin, Brian Fundakowski Feldman, "Michael H. Warfield", Dug Song, security@FreeBSD.org, openssh-unix-dev@mindrot.org
Subject: Re: OpenSSH protocol 1.6 proposal
Message-ID: <20000104123822.B6035@rumpole.bohemians.lexington.ky.us>
References: <20000102151208.A21548@folly.informatik.uni-erlangen.de> <20000103092733.B3780@rumpole.bohemians.lexington.ky.us> <20000103234930.A10240@folly.informatik.uni-erlangen.de>
In-Reply-To: <20000103234930.A10240@folly.informatik.uni-erlangen.de>; from Markus Friedl on Mon, Jan 03, 2000 at 11:49:30PM +0100

I'll condense two different responses into one letter. Also, I have posted what I'd call a "draft action plan" for an OpenSSH 2.0 project to http://www.bohemians.lexington.ky.us/~drankin/openssh2.proposal for anyone interested to examine. I suggest that we limit further discussion of this thread to openssh-dev-list.

Thanks,
David

On Mon, Jan 03, 2000 at 07:47:15PM +0000, Philip Hands wrote:
> David Rankin writes:
> > Once we get someone to make a list, I think we can start working on
> > the details. No use flooding security@FreeBSD.org or openssh-dev-list
> > with a lot of off-topic discussion (and can stop the monster CC:... :)
> Would it not be better to attempt to get lsh finished off, since that
> doesn't have any possible licensing problem related to the
> protocol/name thing.

So long as we maintain compatibility with SSH 1.5, I don't think that there are licensing issues. This should be true even when/if SSH 2.0 support is included.

As for lsh, I like what is already there, but there are a couple of fundamental design choices that I don't agree with in lsh. They are:

1> Lack of compatibility with the SSH 1.5 protocol. This is of course the biggest issue for me. There are a ton of SSH 1.x implementations out there.

2> Non-forking server. A select() system is inherently more complex than a fork/exec design. I can see a lightweight thread replacement for fork/exec, but not a monolithic non-forking server.

> Cheers, Phil.

On Mon, Jan 03, 2000 at 11:49:30PM +0100, Markus Friedl wrote:
} I hope this is my last mail on this subject. All this discussion
} about SSH2 misses the fact that we are talking about a security
} product, so 'features' should not be overrated.
} Especially for ssh it should be remembered that "complexity is the
} enemy". You almost get my SSH1.6 for free. The patches consist
} of minor modifications that are supposed to make SSH1 much more
} secure. Compare the code size of OpenSSH (~ 20.000 lines) with the
} code size of ssh-2.0.1x (~ 100.000 lines), an incarnation of SSH2.
} Do secure protocols lead to secure implementations?

I wasn't aware of how close to completion your SSH 1.6 patches are. In this case, I think that it'd be a Good Thing(tm) to include them right after OpenSSH 1.2.1 is ready.

Also, I'm not sure if comparing code lines is fair. OpenSSH + OpenSSL are more than ~20000 lines, although still not in the 100k range. That said, your point is valid: SSH 2.0 is more complex, and any SSH 2.0 implementation is also more complex. That means that it's going to be a while before OpenSSH 1.2 is obsolete. I agree with your SSH 1.6 proposal as an interim solution, possibly its completion driving OpenSSH 1.3.

Thanks,
David

--
David W. Rankin, Jr. Husband, Father, and UNIX Sysadmin.
Email: drankin@bohemians.lexington.ky.us Address/Phone Number: Ask me.
"It is no great thing to be humble when you are brought low; but to be humble when you are praised is a great and rare accomplishment." St. Bernard