From owner-freebsd-current  Mon Jul 30  8:55:12 2001
Delivered-To: freebsd-current@freebsd.org
Received: from turtle.looksharp.net (cc360882-d.strhg1.mi.home.com [24.13.43.207])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2671C37B403; Mon, 30 Jul 2001 08:55:09 -0700 (PDT)
	(envelope-from bandix@looksharp.net)
Received: by turtle.looksharp.net (Postfix, from userid 1003)
	id 88B793E81; Mon, 30 Jul 2001 11:55:31 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
	by turtle.looksharp.net (Postfix) with ESMTP
	id 8514BBA7E; Mon, 30 Jul 2001 11:55:31 -0400 (EDT)
Date: Mon, 30 Jul 2001 11:55:31 -0400 (EDT)
From: "Brandon D. Valentine" <bandix@looksharp.net>
To: "Brian F. Feldman" <green@FreeBSD.org>
Cc: <obrien@FreeBSD.org>, <current@FreeBSD.org>
Subject: Re: quick informal survey: OpenSSH broken? 
In-Reply-To: <200107301512.f6UFCa780205@green.bikeshed.org>
Message-ID: <20010730115115.J62682-100000@turtle.looksharp.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

On Mon, 30 Jul 2001, Brian F. Feldman wrote:

>For what it's worth, I tend to simply set "Protocol 1,2" in my .ssh/config
>and for the default case, it works fine (just like it used to).  I don't
>want to make that policy decision, though, because we will be better off
>when everyone moves to the protocol version 2, so it's reasonable for the
>default to make things "difficult" to encourage the switch.  I support the
>OpenSSH developers' plan here.

FWIW, I do the same in my .ssh/config because I work in a heterogeneous
computing environment where my home directory is NFS automounted.  Some
operating systems come with SSH daemons still installed by default as
1,2. The newer operating systems, including most of our linux installs,
are 2,1 by default.  I use RSA keys to authenticate and it's easier to
just have one keypair to worry about.  When every machine I use has
sshv2 support and does it by default, then I'll kill the RSA keys and
generate DSA keys.  It's quite annoying that systems which have 2,1 in
their sshd_config won't detect that I have RSA keys in .ssh but no DSA
keys and go ahead and select sshv1 on their own.

-- 
Brandon D. Valentine <bandix@looksharp.net>

The very powerful and the very stupid have one thing in common.  Instead
of altering their views to fit the facts, they alter the facts to fit
their views ... which can be very uncomfortable if you happen to be one
of the facts that needs altering.
	- Doctor Who, "Face of Evil"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message