From owner-freebsd-security  Mon Feb 19 15:11:14 2001
Delivered-To: freebsd-security@freebsd.org
Received: from hand.dotat.at (sfo-gw.covalent.net [207.44.198.62])
	by hub.freebsd.org (Postfix) with ESMTP id 7B5AF37B503
	for <freebsd-security@freebsd.org>; Mon, 19 Feb 2001 15:11:09 -0800 (PST)
Received: from fanf by hand.dotat.at with local (Exim 3.20 #3)
	id 14UQfx-0005YY-00; Sun, 18 Feb 2001 10:02:41 +0000
Date: Sun, 18 Feb 2001 10:02:41 +0000
From: Tony Finch <dot@dotat.at>
To: Jan Conrad <conrad@th.physik.uni-bonn.de>
Cc: Kris Kennaway <kris@obsecurity.org>,
	freebsd-security@freebsd.org,
	Ralph Schreyer <schreyer@th.physik.uni-bonn.de>
Subject: Re: Why does openssh protocol default to 2?
Message-ID: <20010218100241.M2746@hand.dotat.at>
References: <20010215133000.A12807@mollari.cthul.hu> <Pine.BSF.4.33.0102161442540.51347-100000@merlin.th.physik.uni-bonn.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.33.0102161442540.51347-100000@merlin.th.physik.uni-bonn.de>
Organization: Covalent Technologies, Inc
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Jan Conrad <conrad@th.physik.uni-bonn.de> wrote:
>
>I mean I just checked some University systems running ssh2 and ssh1 and I
>found really *lots* of keys in NFS mounted users homes... (sometimes 10%
>of the users had keys in their homes....)

If the users don't encrypt their ssh keys then they deserve to lose.
That doesn't make ssh2 less secure than ssh1.

Tony.
-- 
f.a.n.finch    fanf@covalent.net    dot@dotat.at



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message