From owner-freebsd-current  Wed Oct 23  9:16:48 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2F8F037B401
	for <freebsd-current@FreeBSD.ORG>; Wed, 23 Oct 2002 09:16:47 -0700 (PDT)
Received: from HAL9000.homeunix.com (12-232-220-15.client.attbi.com [12.232.220.15])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AD75443E4A
	for <freebsd-current@FreeBSD.ORG>; Wed, 23 Oct 2002 09:16:46 -0700 (PDT)
	(envelope-from dschultz@uclink.Berkeley.EDU)
Received: from HAL9000.homeunix.com (localhost [127.0.0.1])
	by HAL9000.homeunix.com (8.12.6/8.12.5) with ESMTP id g9NGGh2w007833;
	Wed, 23 Oct 2002 09:16:43 -0700 (PDT)
	(envelope-from dschultz@uclink.Berkeley.EDU)
Received: (from das@localhost)
	by HAL9000.homeunix.com (8.12.6/8.12.5/Submit) id g9NGGhJu007832;
	Wed, 23 Oct 2002 09:16:43 -0700 (PDT)
	(envelope-from dschultz@uclink.Berkeley.EDU)
Date: Wed, 23 Oct 2002 09:16:43 -0700
From: David Schultz <dschultz@uclink.Berkeley.EDU>
To: Steven Ames <steve@virtual-voodoo.com>
Cc: Lucky Green <shamrock@cypherpunks.to>,
	freebsd-current@FreeBSD.ORG
Subject: Re: Request: remove ssh1 fallback
Message-ID: <20021023161643.GA7813@HAL9000.homeunix.com>
Mail-Followup-To: Steven Ames <steve@virtual-voodoo.com>,
	Lucky Green <shamrock@cypherpunks.to>, freebsd-current@FreeBSD.ORG
References: <007501c27a5c$27203fc0$6501a8c0@VAIO650> <20021023155753.GB7503@HAL9000.homeunix.com> <004401c27aad$740a5400$33d90c42@officescape.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <004401c27aad$740a5400$33d90c42@officescape.net>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

Thus spake Steven Ames <steve@virtual-voodoo.com>:
> > Making SSH 2 the default is one thing.  Removing SSH 1 as a
> > fallback altogether is going to break compatibility with other
> > systems like you'd never believe.  For example, I regularly need
> > to SSH into Solaris boxen running SSH 1.  These machines aren't
> > secure anyway, and since there's nothing I can do about it, I
> > don't want any surprises when I upgrade.
> 
> I think he was suggesting removing it from the sshd server, not
> the client. You can always specify the protocol on the command
> line with the client even if it didn't fall back... and again he's
> suggesting it for the default configuration, you can always change
> the configuration. I'm not necessarily for this change I just want
> to be sure what change is being suggested :)

In either case, you break compatibility.  Say I wanted to SSH from
those Solaris boxen to my home machine, for example.  (I don't,
but that's not the point.)  If my SSH server didn't have the SSH 1
fallback, there's nothing I could do from the command line to
allow me to log in.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message