From: "Brian F. Feldman"
To: obrien@FreeBSD.org
Cc: Brian Fundakowski Feldman, current@FreeBSD.org
Subject: Re: quick informal survey: OpenSSH broken?
Date: Mon, 30 Jul 2001 11:11:20 -0400
Message-Id: <200107301512.f6UFCa780205@green.bikeshed.org>
In-Reply-To: Message from "David O'Brien" of "Mon, 30 Jul 2001 07:36:31 PDT." <20010730073630.C57400@dragon.nuxi.com>

"David O'Brien" wrote:
> On Sun, Jul 29, 2001 at 09:53:09PM -0400, Brian Fundakowski Feldman wrote:
> > I need to know, if OpenSSH is ever going to get MFC'ed, are there any people
> > currently running OpenSSH 2.9 from -CURRENT's base and getting major
> > problems with it?  Or even minor ones that actually make things more

> You've never responded to requests from people asking what it would take
> to make things fall back to v1 gracefully.  We all know it is a "feature"
> that with a default configuration, it will try ssh2 first and if it is
> not able to authenticate (say you have no .ssh/authorized_keys2 file) the
> connection can fail.

I don't mean to disappoint, but I don't think it will be possible to fall
back without creating modifications on both sides (both renegotiation of
connection on the server side and client side, because the protocols are
inherently different).

For what it's worth, I tend to simply set "Protocol 1,2" in my .ssh/config
and for the default case, it works fine (just like it used to).  I don't
want to make that policy decision, though, because we will be better off
when everyone moves to the protocol version 2, so it's reasonable for the
default to make things "difficult" to encourage the switch.  I support the
OpenSSH developers' plan here.

-- 
 Brian Fundakowski Feldman           \  FreeBSD: The Power to Serve!  /
 green@FreeBSD.org                    `------------------------------'
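
Added example (not part of the original message and not OpenSSH's code): a sketch of why the protocol choice cannot be revisited once authentication fails. Each side sends an identification line `SSH-<protoversion>-<software>` before any authentication, a server offering both protocols announces `1.99`, and the client's `Protocol` preference order is applied at that point. The function names and sample banners are constructed for illustration, and "2,1" is assumed here to model the ssh2-first default described in the quoted text.

```python
import re

# Identification line: SSH-<protoversion>-<softwareversion>
_BANNER = re.compile(r"^SSH-(\d+)\.(\d+)-(\S+)")


def server_protocols(banner):
    """Return the set of protocol major versions a server banner offers."""
    m = _BANNER.match(banner.strip())
    if not m:
        raise ValueError("not an SSH identification string: %r" % banner)
    major, minor = int(m.group(1)), int(m.group(2))
    if (major, minor) == (1, 99):
        return {1, 2}  # 1.99 is the compatibility marker: both v1 and v2
    if major in (1, 2):
        return {major}
    raise ValueError("unsupported protocol version %d.%d" % (major, minor))


def choose_protocol(banner, preference):
    """Pick a protocol the way a 'Protocol <list>' preference would.

    preference is the option value, e.g. "1,2" or "2,1". The first entry
    the server also offers wins; None means no common version.
    """
    offered = server_protocols(banner)
    for version in (int(p) for p in preference.split(",")):
        if version in offered:
            return version
    return None


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = ["SSH-1.99-OpenSSH_2.9", "SSH-1.5-1.2.27", "SSH-2.0-OpenSSH_2.9"]
    for banner in samples:
        for pref in ("2,1", "1,2"):
            chosen = choose_protocol(banner, pref)
            # The choice is final here: key exchange and authentication
            # for the chosen version start only after this point.
            print("%-22s Protocol %-3s -> v%s" % (banner, pref, chosen))
```

Against a `1.99` server the "2,1" order settles on version 2 before any key is tried, so a missing `.ssh/authorized_keys2` only shows up after the point where version 1 could still have been selected.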