Date: Fri, 05 Jul 2002 10:55:19 -0700 From: "Kevin Oberman" <oberman@es.net> To: Dag-Erling Smorgrav <des@ofug.org> Cc: Mike Tancsa <mike@sentex.net>, Ruslan Ermilov <ru@FreeBSD.ORG>, security@freebsd.org Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] Message-ID: <20020705175519.B31B95D03@ptavv.es.net> In-Reply-To: Your message of "05 Jul 2002 13:45:56 %2B0200." <xzphejepfd7.fsf_-_@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> From: Dag-Erling Smorgrav <des@ofug.org> > Date: 05 Jul 2002 13:45:56 +0200 > Sender: owner-freebsd-stable@FreeBSD.ORG > > [moving from -stable to -security, bcc: to -stable and security-team] > > Mike Tancsa <mike@sentex.net> writes: > > As a lot has changed with OpenSSH in FreeBSD, perhaps now is a good > > time to make the 2,1 the default instead ? > > I'd like that. I think the only reason for the old default was not to > surprise users who had the ssh1 RSA host key in their known_hosts but > not the ssh2 DSA host key. > > What do people think about this? Keep 2,1 or revert to 1,2? Keep 2,1. It's the best for many reasons and it's about time to live with a bit of astonishment. It should be added to UPDATING, though. (Let's keep the astonishment to a minimum. FWIW, I changed my systems to 2,1 at least 4 months ago. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020705175519.B31B95D03>