Date: 05 Jul 2002 07:02:53 -0500 From: Larry Rosenman <ler@lerctr.org> To: Dag-Erling Smorgrav <des@ofug.org> Cc: Mike Tancsa <mike@sentex.net>, Ruslan Ermilov <ru@FreeBSD.ORG>, security@FreeBSD.ORG Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] Message-ID: <1025870573.401.1.camel@lerlaptop.lerctr.org> In-Reply-To: <xzphejepfd7.fsf_-_@flood.ping.uio.no> References: <20020705073634.GA64656@sunbay.com> <20020705073634.GA64656@sunbay.com> <5.1.0.14.0.20020705073043.01c52198@192.168.0.12> <xzphejepfd7.fsf_-_@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2002-07-05 at 06:45, Dag-Erling Smorgrav wrote: > [moving from -stable to -security, bcc: to -stable and security-team] > > Mike Tancsa <mike@sentex.net> writes: > > As a lot has changed with OpenSSH in FreeBSD, perhaps now is a good > > time to make the 2,1 the default instead ? > > I'd like that. I think the only reason for the old default was not to > surprise users who had the ssh1 RSA host key in their known_hosts but > not the ssh2 DSA host key. > > What do people think about this? Keep 2,1 or revert to 1,2? It would seem that this is an appropriate time. SSH1 is old, and SSH2 is mature enough. With all the other changes, this wouldn't be a big POLA violation. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: ler@lerctr.org US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1025870573.401.1.camel>