From owner-freebsd-current Wed Jul 17 19: 7:51 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 26BE537B400 for ; Wed, 17 Jul 2002 19:07:48 -0700 (PDT) Received: from pakastelohi.cypherpunks.to (pakastelohi.cypherpunks.to [213.130.163.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACA2943E58 for ; Wed, 17 Jul 2002 19:07:47 -0700 (PDT) (envelope-from shamrock@cypherpunks.to) Received: from LUCKYVAIO (d160.nas2.sr2.sonic.net [208.201.229.160]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by pakastelohi.cypherpunks.to (Postfix) with ESMTP id 6435A36422 for ; Thu, 18 Jul 2002 04:07:45 +0200 (CEST) From: "Lucky Green" To: Subject: Suggestion to disable ssh1 in FreeBSD 5.0 Date: Wed, 17 Jul 2002 19:08:44 -0700 Message-ID: <002001c22c91$24e60690$6501a8c0@LUCKYVAIO> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG FreeBSD Gurus, I would like to suggest for the FreeBSD team to please consider disabling support for ssh1 in the default configuration of sshd starting with FreeBSD 5.0 for the following reasons: 1) The ssh1 protocol is fundamentally insecure. The protocol uses a CRC where a MAC is needed, permitting the insertion of data in to the connection. While there have been various patches over the years that attempt to detect attacks trying to exploit this security hole, no patch can ever fully fix this security hole. Sure, we may not at present know an exploit that could be successfully launched against the present ssh1, but few security experts feel comfortable another, or even several other, such exploit will not be found. Consequently, many security conscious folks long disabled ssh1 access to their servers. 2) While compatibility was once a problem, by now there are a sufficient number of free ssh2-capable clients available on wide range of platforms. It must be the rare case in which a server truly needs to maintain the use of ssh1 because there are no ssh2 clients for the client platform. (I can't even think of one such client platform, though don't doubt they exist). At any rate, ssh2-capable clients have become sufficiently widely available and will be even more widely available by the time FreeBSD 5.0 is released that compatibility is losing strength as an argument to leave ssh1 enabled by default. If somebody truly needs ssh1 they will know how to edit a config file. 3) Compatibility reducing security is typically not a good thing. I therefore would like to ask the FreeBSD team to please consider to, in the default configuration of FreeBSD 5.0, only enable ssh2 for sshd. Thanks, --Lucky Green To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message