Date: Mon, 1 Jul 2002 17:35:08 -0700 From: "Chris McCluskey" <chris@digitaldeck.com> To: <freebsd-security@freebsd.org> Subject: FW: Which SSH now (and when)? Message-ID: <ECEPLGOFLCLKKCNAGCBHGEIDCEAA.chris@digitaldeck.com>
next in thread | raw e-mail | index | archive | help
I didn't get any response from -questions, so I thought I would try here. I know some are stupid, but keep with me ok?! ___ I was hoping that everyone out there can clarify a couple questions (and/or possibly false statements) I have regarding SSH. FreeBSD (4.5) SSH in the system source is (or was) built from OpenSSH3.3? FreeBSD (4.5) ships with the SSH ports (ssh and ssh2) from ssh.com? To stay consistent with the FreeBSD project then, it would be a good idea to build out of the openssh or openssh-portable ports instead of the ssh/ssh2 ports -- using the portable port if and only if PAM support is needed? Have the security issues recently released from ISS and OpenSSH have been fixed and the ports in openssh and openssh-portable (both OpenSSH 3.4) have been initially tested, and found to be ok in the following areas -- 1) ChallengeResponseAuth is now fixed, 2) key exchanges with previously created DSA or RSA keys are now working currently, and 3) PRIVSEP is now enabled by default in both openssh ports? Are there any issues that should keep me from using the ssh.com ports (besides the possible security issues with SSH1 on a protocol level) and the lack of a PRIVSEP mechanism? Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ECEPLGOFLCLKKCNAGCBHGEIDCEAA.chris>