Date: Fri, 5 Jul 2002 14:30:17 -0500 (CDT) From: hawkeyd@visi.com (D J Hawkey Jr) To: des@ofug.org, freebsd-security@freebsd.org Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] Message-ID: <200207051930.g65JUH220467@sheol.localdomain> In-Reply-To: <xzphejepfd7.fsf_-__flood.ping.uio.no@ns.sol.net> References: <5.1.0.14.0.20020705073043.01c52198_192.168.0.12@ns.sol.net> <xzphejepfd7.fsf_-__flood.ping.uio.no@ns.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <xzphejepfd7.fsf_-__flood.ping.uio.no@ns.sol.net>, des@ofug.org writes: > [moving from -stable to -security, bcc: to -stable and security-team] > > Mike Tancsa <mike@sentex.net> writes: >> As a lot has changed with OpenSSH in FreeBSD, perhaps now is a good >> time to make the 2,1 the default instead ? > > I'd like that. I think the only reason for the old default was not to > surprise users who had the ssh1 RSA host key in their known_hosts but > not the ssh2 DSA host key. > > What do people think about this? Keep 2,1 or revert to 1,2? The former. And note it in UPDATING. FWIW, I've been setting machines I'm responsible for to 2 only for some time now. > DES Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207051930.g65JUH220467>