From owner-freebsd-security Mon Jul 8 15:25: 5 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9977237B400 for ; Mon, 8 Jul 2002 15:25:02 -0700 (PDT) Received: from mrout2.yahoo.com (mrout2.yahoo.com [216.145.54.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AD6243E31 for ; Mon, 8 Jul 2002 15:25:02 -0700 (PDT) (envelope-from DougB@FreeBSD.org) Received: from zoot.corp.yahoo.com (zoot.corp.yahoo.com [216.145.52.89]) by mrout2.yahoo.com (8.11.6/8.11.6/y.out) with ESMTP id g68MOuR24923; Mon, 8 Jul 2002 15:24:56 -0700 (PDT) Received: from localhost (dougb@localhost) by zoot.corp.yahoo.com (8.12.5/8.12.5/Submit) with ESMTP id g68MOt5B084728; Mon, 8 Jul 2002 15:24:56 -0700 (PDT) Date: Mon, 8 Jul 2002 15:24:55 -0700 (PDT) From: Doug Barton To: "Philip J. Koenig" Cc: security@FreeBSD.org Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLEnow has OpenSSH 3.4p1] In-Reply-To: <20020708141630166.AAA962@empty1.ekahuna.com@pc02.ekahuna.com> Message-ID: <20020708152038.D84324-100000@zoot.corp.yahoo.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 8 Jul 2002, Philip J. Koenig wrote: > Actually I'm not sure that history bears that out. Take a look at > the fundamental changes in Sendmail functionality recently, I disagree strongly with the direction that much of the sendmail stuff has taken in both -current and -stable. However, the upgrades were "necessary," for a fairly good definition of "necessary." We gain very little by changing the default, and we run the risk of causing tremendous trouble to our users. You can of course add an obligatory argument about two wrongs don't make a right here... Indeed, there are already at least two threads in -stable, and god knows how many in -questions on this very topic. That's because the default in the ssh binary seems to have been shifted to "Protocol 2,1" which is causing all kinds of problems for users who don't understand that. This has nothing to do with users carelessly mergemaster'ing, or any of the other aspersions that other contributors to this thread have made. Also, as you pointed out, wonky mail configurations are a problem I can fix, because I can log into the box. Not being able to log into the box is a whole other can of worms. -- "We have known freedom's price. We have shown freedom's power. And in this great conflict, ... we will see freedom's victory." - George W. Bush, President of the United States State of the Union, January 28, 2002 Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message