From owner-freebsd-security Sat Jul 6 12:40:44 2002
Date: Sat, 6 Jul 2002 12:40:40 -0700
From: Sean Chittenden
To: Dag-Erling Smorgrav
Cc: Trevor Johnson, Mike Tancsa, Ruslan Ermilov, security@FreeBSD.ORG
Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]
Message-ID: <20020706124040.D43307@ninja1.internal>
References: <20020705094314.C73784-100000@blues.jpj.net>

> > Use of protocol version 1 makes an insertion attack possible, according to
> > .
>
> That same page also explains that OpenSSH contains code to make such
> attacks very difficult.
>
> > The vulnerability was
> > published by CORE SDI in June of 1998. I would like to see protocol
> > version 1 disabled by default, with a note in UPDATING about the change.
>
> No. I will not arbitrarily lock users out of their machines.

How about making it just proto 2 in -CURRENT and use that as the version to phase out proto 1.

With all of the other security goodies going into 5.0, it seems like 5.0 would be shooting itself in the foot to have SSH1 enabled with HMAC and some of the other ACL fun. Besides, 5.0 seems like a nice transition point to begin phasing out SSH1.

-sc

--
Sean Chittenden
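An audit helper for the question debated above, added here as an example and not code from the thread or from FreeBSD/OpenSSH: it reports whether an sshd_config would still offer SSH protocol 1. It assumes the OpenSSH 3.x behaviour that sshd honours the first "Protocol" keyword it sees, that keywords are case-insensitive, and that an absent or commented-out directive defaults to "2,1" (protocol 1 enabled); the sample config files are constructed, not real system files.

```sh
# Added audit helper (not from the thread). Assumes OpenSSH 3.x semantics:
# the FIRST "Protocol" keyword wins, keywords are case-insensitive, and a
# missing or commented-out directive means "2,1" (protocol 1 still offered).

# effective_protocol FILE: print the Protocol value sshd would use.
effective_protocol() {
    proto=$(awk '$1 !~ /^#/ && tolower($1) == "protocol" { print $2; exit }' "$1")
    if [ -n "$proto" ]; then printf '%s\n' "$proto"; else printf '2,1\n'; fi
}

# allows_protocol1 FILE: succeed (exit 0) when protocol 1 is still offered,
# whatever its position in the list ("1", "2,1" and "1,2" all count).
allows_protocol1() {
    case ",$(effective_protocol "$1")," in
        *,1,*) return 0 ;;
        *)     return 1 ;;
    esac
}

# Constructed sample configs (not real system files).
weak_cfg=$(mktemp)
cat >"$weak_cfg" <<'EOF'
#Protocol 2,1
ListenAddress 0.0.0.0
EOF

hard_cfg=$(mktemp)
cat >"$hard_cfg" <<'EOF'
# Phase out SSH1: offer protocol 2 only. The later line is ignored by sshd.
Protocol 2
protocol 2,1
EOF

for f in "$weak_cfg" "$hard_cfg"; do
    if allows_protocol1 "$f"; then
        echo "$f: protocol 1 ENABLED (effective Protocol $(effective_protocol "$f"))"
    else
        echo "$f: protocol 2 only"
    fi
done
```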