Date: Sun, 13 May 2001 15:11:50 -0700 From: Peter Wemm <peter@wemm.org> To: thomas@cuivre.fr.eu.org Cc: hackers@FreeBSD.ORG Subject: Re: SSH Must Die Message-ID: <20010513221150.C499B380C@overcee.netplex.com.au> In-Reply-To: <20010514000028.B59747@melusine.cuivre.fr.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thomas Quinot wrote: > Le 2001-05-13, Peter Wemm écrivait : > > > The simplest thing is to do a ssh-keygen to generate a new RSA key and > > update ~/.ssh/authorized_keys2 once per remote machine that you connect > > to. Once that is done, it never bothers you again. You can change > > /etc/ssh/ssh_config so that it says 'Protocol 1,2', but that is avoiding > > the problem rather than using the more robust, cryptographically secure > > sshv2 wire protocol. > > Ah. This seems to work around the very unfortunate situation described in > PR bin/27264. It seems very strange that one has to change the setup > on the *server* side to work around a regression on the client side. > > Why cannot one use the same RSA public key for v1 and v2 client > authentication? That is something that I'd like to know too. RSA keys are RSA keys, regardless of how they are encoded. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010513221150.C499B380C>