Date: Sun, 11 Feb 2001 12:18:04 -0800 From: Kris Kennaway <kris@obsecurity.org> To: William Wong <willwong@samurai.com> Cc: freebsd-security@freebsd.org Subject: Re: Default sshd_config settings Message-ID: <20010211121803.A78601@mollari.cthul.hu> In-Reply-To: <000701c0945c$eb3eaff0$0300a8c0@magus>; from willwong@samurai.com on Sun, Feb 11, 2001 at 02:00:36PM -0500 References: <000701c0945c$eb3eaff0$0300a8c0@magus>
next in thread | previous in thread | raw e-mail | index | archive | help
--mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 11, 2001 at 02:00:36PM -0500, William Wong wrote: > Hi there, >=20 > I wondering why only protocol 1 is enabled by default in sshd? Is there a > risk with using protocol 2 (or both?) It's not - you must have an out of date file, or are using an old version of -stable (very old versions of OpenSSH didn't support protocol 2). The risk is actually with protocol 1 -- it has protocol flaws which have been known for quite a while, independent of the recently discovered attacks. You should disable it unless you need it. Kris --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6hvN7Wry0BWjoQKURAnkMAKD8aP9UFGwgVFsC6O/XR4mB/sNseQCfZSKl cNrVHPU/KPNP9af8h0338v0= =hYDD -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010211121803.A78601>