From owner-freebsd-security Thu Jan 31 8: 3:10 2002 Delivered-To: freebsd-security@freebsd.org Received: from brea.mc.mpls.visi.com (brea.mc.mpls.visi.com [208.42.156.100]) by hub.freebsd.org (Postfix) with ESMTP id EA55837B41E for ; Thu, 31 Jan 2002 08:02:59 -0800 (PST) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by brea.mc.mpls.visi.com (Postfix) with ESMTP id 0CB892DE1D1; Thu, 31 Jan 2002 10:02:59 -0600 (CST) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.1/8.11.1) id g0VG2wa00823; Thu, 31 Jan 2002 10:02:58 -0600 (CST) (envelope-from hawkeyd) Date: Thu, 31 Jan 2002 10:02:58 -0600 From: D J Hawkey Jr To: David Rhodus , security at FreeBSD Subject: Re: OpenSSH protocol 1 in FBSD 4.5-REL Message-ID: <20020131100258.A750@sheol.localdomain> Reply-To: hawkeyd@visi.com References: <20020131093630.A645@sheol.localdomain> <08d301c1aa6e$4548d4d0$1506810a@asgidavid> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <08d301c1aa6e$4548d4d0$1506810a@asgidavid>; from sdrhodus@sekurity.net on Thu, Jan 31, 2002 at 10:45:12AM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jan 31, at 10:45 AM, David Rhodus wrote: > > Yes, that has been fixed. Cool. I have several boxes whose SSH doesn't (and cant!) do protocol 2. One final Q: If those boxes uses ISC's SSH protocol 1 to connect to my 4.5-REL box, is the connection secure [against man-in-the-middle, etc.] attacks? I do understand that those boxes are vulnerable to incoming protocol 1 attacks, but they don't run the daemon, they only do outgoing connections. Thanks again, Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/ > ----- Original Message ----- > From: "D J Hawkey Jr" > To: "security at FreeBSD" > Sent: Thursday, January 31, 2002 10:36 AM > Subject: OpenSSH protocol 1 in FBSD 4.5-REL > > > Hi All. Sorry if this has been covered, but I didn't see the answer in the > > archives. > > > > Did the security hole(s) in OpenSSH protocol 1 get fixed for the release > > of FreeBSD 4.5? > > > > TIA, > > Dave > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message