From owner-freebsd-current Mon Mar 6 22:52:21 2000 Delivered-To: freebsd-current@freebsd.org Received: from not.demophon.com (vpn.iscape.fi [195.170.146.67]) by hub.freebsd.org (Postfix) with ESMTP id 556E037BDCF for ; Mon, 6 Mar 2000 22:52:17 -0800 (PST) (envelope-from will@not.demophon.com) Received: (from will@localhost) by not.demophon.com (8.9.3/8.8.7) id IAA72293; Tue, 7 Mar 2000 08:49:09 +0200 (EET) (envelope-from will) To: Edwin Kremer Cc: freebsd-current@freebsd.org Subject: Re: openssh question References: <200003060833.AAA18027@windsor.research.att.com> <200003060920.CAA57713@harmony.village.org> <20000306112939.A24401@cs.uu.nl.newsgate.clinet.fi> From: Ville-Pertti Keinonen Date: 07 Mar 2000 08:49:09 +0200 In-Reply-To: Edwin Kremer's message of "6 Mar 2000 12:29:55 +0200" Message-ID: <86og8r2s2i.fsf@not.demophon.com> Lines: 23 X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Edwin Kremer writes: > " OpenSSH is based on my version from back in 1995 or 1996. The OpenSSH > " folks have fixed many of the (security) bugs in that version, but not > " all of them when I last checked. Some of the problems in SSH1 are > " very fundamental. > " > " I do not recommend use of OpenSSH (or SSH1 generally, for that matter). > > > There hasn't been much followup on this. Anybody here who cares to > comment on this? What issues are relevant here and how bad is it? The uid-swapping code is still used by OpenSSH despite the fact that it can cause all sorts of security problems. Not all problems apply to all platforms, but I can't remember all of them and wouldn't rely on them not to cause problems on OpenBSD or FreeBSD (IIRC there are some that do). This has been fixed in later (less free) versions of ssh1. There are a number of ways to fix it. Basically switching uids from root to a user and back needs to be avoided. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message