From owner-freebsd-security Sat Jul 6 21:33:12 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A774E37B400 for ; Sat, 6 Jul 2002 21:33:08 -0700 (PDT) Received: from walter.dfmm.org (walter.dfmm.org [209.151.233.240]) by mx1.FreeBSD.org (Postfix) with ESMTP id 50B4143E42 for ; Sat, 6 Jul 2002 21:33:08 -0700 (PDT) (envelope-from jason@shalott.net) Received: (qmail 7516 invoked by uid 1000); 7 Jul 2002 04:33:02 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 7 Jul 2002 04:33:02 -0000 Date: Sat, 6 Jul 2002 21:33:02 -0700 (PDT) From: Jason Stone X-X-Sender: To: Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1] In-Reply-To: <20020706142809.A2652@dali.cs.wm.edu> Message-ID: <20020706204840.C2631-100000@walter> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > > What do people think about this? Keep 2,1 or revert to 1,2? > > > > There is a whole lot of infrastructure surrounding ssh v1 keys out there, > > and it will all break if you change the default to v2. > > > > I usually keep silent but this really triggered me. > What do you mean when you say it will _all_ break? Currently, people have scripts and cronjobs which use ssh v1 keys for regular maintainence, data collection, etc. Users have v1 keys widely deployed to all the machines they use, etc. This is what I mean by infrastructure. When the default changes to v2, then when connections are made, v2 will be negotiated and the v1 keys will be ignored. So when users upgrade from 4.6 to 4.7, run their agent and try to login to remote machines, their keys won't be used. When admins upgrade from 4.6 to 4.7 on their networks, the maintainance scripts and cronjobs will suddenly stop working. This is what I mean by break. Yes, it is possible to either generate new keys or edit the config files to get the old behaviour back. But users expect that if their systems wotk with the defaults in 4.x, they'll continue to work in 4.x. > > With the 5.0-RELEASE on the not-too-distant horizon, I really think it > > best to not change default behaviour within a major release. Keep the > > default as it is - don't break people. > > Did you actually try this to claim so confidently that the switch will > _break_ them so badly? My experience is not that bad. No, no, you missed the point entirely - I'm not talking about functionality or stability, I'm talking about release engineering. We're all anxious to get rid of protocol v1, but a major change like that shouldn't happen within a major version of the OS. But people _do_ expect radical changes from one major version of the OS to another, and since 5.0 will be released soon, we should be content that v2 will be the default soon without our changing 4.x. -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE9J8R+swXMWWtptckRArreAKCV30ZMxS2CyJpi4yB4N47rmTG3hQCgvCRN XruArVVYYB8LCuDEA7Hbogs= =Kena -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message