Date: Tue, 25 Jun 2002 11:22:46 +0300 From: veedee@c7.campus.utcluj.ro To: security@freebsd.org Subject: Re: Time to look put more resources into FreeSSH ? Message-ID: <20020625112246.A30267@c7.campus.utcluj.ro> In-Reply-To: <20020625004019.W5916-100000@walter>; from jason-fbsd-security@shalott.net on Tue, Jun 25, 2002 at 12:51:56AM -0700 References: <200206250632.QAA02400@caligula.anu.edu.au> <20020625004019.W5916-100000@walter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 25, 2002 at 12:51:56AM -0700, Jason Stone wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > What do others think about creating a little "bio-diversity" and > > moving from OpenSSH to FreeSSH at some point in the future as the > > "default" ssh installed ? > > I'm very much in favor of "biodiversity," but if you're talking about > FreSSH (fressh.org), then, as far as I'm aware, it's a) only v1, and b) > pretty dead. true. "FreSSH currently implements SSH protocol version 1.5..." (http://www.fressh.org/ main page). > Personally, I'm exploring the feasibility of non-ssh alternatives > (ssl-wrapped versions of telnet/rsh/etc, enterprise-wide ipsec and > telnet/rsh/etc, etc...). Does anyone have any other ideas along these > lines? i think i read some threads about that some months ago. you might want to search the archives first. > But yeah, definitely biodiversity. ssh has embraced and extended rsh to > the point where people depend on all sorts of features that are unique to > ssh (and aren't even directly security related), and openssh is really the > only mature, featureful, supported and free implementation out there, so > when stuff like this comes up, we're really pretty helpless.... Just wanna say that if you are NOT falling into the "commercial category", ssh.com's server might be a better alternative than openssh (less buggy). I've been using it for years. Their latest version is 3.2.0 (http://www.ssh.com/products/ssh/download.cfm). # uname -a sshd2: SSH Secure Shell 3.2.0 (non-commercial version) on i386-unknown-freebsd4.6 For the rest of you though, OpenSSH is all you got if you want v2. :/ veedee. > > > -Jason > > ----------------------------------------------------------------------- > I worry about my child and the Internet all the time, even though she's > too young to have logged on yet. Here's what I worry about. I worry > that 10 or 15 years from now, she will come to me and say "Daddy, where > were you when they took freedom of the press away from the Internet?" > -- Mike Godwin > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (FreeBSD) > Comment: See https://private.idealab.com/public/jason/jason.gpg > > iD8DBQE9GCEcswXMWWtptckRAmlSAKDI/vFLFM6KauPR7B/sec1h1JYGTACeNpJJ > 03JM05KMrhU1ft527IN2ddM= > =0e9O > -----END PGP SIGNATURE----- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020625112246.A30267>