From owner-freebsd-stable Tue Oct 2 18: 7:41 2001 Delivered-To: freebsd-stable@freebsd.org Received: from ptavv.es.net (ptavv.es.net [198.128.4.29]) by hub.freebsd.org (Postfix) with ESMTP id 9E86537B403 for ; Tue, 2 Oct 2001 18:07:39 -0700 (PDT) Received: from ptavv.es.net (localhost [127.0.0.1]) by ptavv.es.net (8.10.1/8.10.1) with ESMTP id f9317Sk12340; Tue, 2 Oct 2001 18:07:28 -0700 (PDT) Message-Id: <200110030107.f9317Sk12340@ptavv.es.net> To: Zvezdan Petkovic Cc: stable@FreeBSD.ORG Subject: Re: SSH Problem In-reply-to: Your message of "Tue, 02 Oct 2001 20:58:00 EDT." <20011002205800.A24931@dali.cs.wm.edu> Date: Tue, 02 Oct 2001 18:07:28 -0700 From: "Kevin Oberman" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Date: Tue, 2 Oct 2001 20:58:00 -0400 > From: Zvezdan Petkovic > Sender: owner-freebsd-stable@FreeBSD.ORG > > I do not understand why FreeBSD still distributes OpenSSH 2.3.x as > default and OpenSSH 2.9 as a port. As you can see it is already at 2.9.9 > version. If you still use Protocol 1 you should be aware that your > system is _very_ vulnerable since there is a software that can sniff on > that version of SSH protocol. _RUN_ and update to Protocol 2 and > preferably the latest OpenSSH version. :-) It does not distribute 2.3 with either stable or current. It was included (with security patches) in 4.4-release. From 4.4-stable: > ssh -V OpenSSH_2.9 FreeBSD localisations 20010713, SSH protocols 1.5/2.0, OpenSSL 0x0090601f R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message