Date: Mon, 30 Jan 2017 21:36:31 -0800 From: Heasley <heas@shrubbery.net> To: jungle Boogie <jungleboogie0@gmail.com> Cc: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>, freebsd-security@freebsd.org Subject: Re: fbsd11 & sshv1 Message-ID: <0A1A9F5A-0102-4FED-9B82-E081C29103AD@shrubbery.net> In-Reply-To: <CAKE2PDu7yjfDLZt4O%2BF9k6GnF%2BFLCvXXfY=NkcS01iyyrofhmg@mail.gmail.com> References: <20170127173016.GF12175@shrubbery.net> <867f5c66yr.fsf@desk.des.no> <20170130195226.GD73060@shrubbery.net> <CAKE2PDsBWB65zN3hX=2%2BOoiXrK1W=TsMa6Ck5pnKGn=Dg0k69g@mail.gmail.com> <20170130222443.GL73060@shrubbery.net> <CAKE2PDu7yjfDLZt4O%2BF9k6GnF%2BFLCvXXfY=NkcS01iyyrofhmg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 30.01.2017 um 14:52 schrieb jungle Boogie <jungleboogie0@gmail.com>: >=20 >> On 30 January 2017 at 14:24, heasley <heas@shrubbery.net> wrote: >> Mon, Jan 30, 2017 at 01:56:03PM -0800, jungle Boogie: >>>> On 30 January 2017 at 11:52, heasley <heas@shrubbery.net> wrote: >>>> Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Sm=C3=B8rgrav: >>>>> heasley <heas@shrubbery.net> writes: >>>>>> So, what is the BCP to support a v1 client for outbound connections o= n fbsd >>>>>> 11? Hopefully one that I do not need to maintain by building a speci= al ssh >>>>>> from ports. Is there a pkg that I'm missing? >>>>>=20 >>>>> FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 and 1= 2 >>>>> do not, and neither does the openssh-portable port. I'm afraid you wi= ll >>>>> have to find some other SSH client. >>>>=20 >>>> That is sad; I doubt that I am the only one who would need this - there= >>>> are millions of Cisco, HP, and etc network devices that folks must cont= inue >>>> to access but will never receive new firmware with sshv2. It takes a l= ong >>>> time for some equipment to transition to the recycle bin - even after >>>> vendor EOLs. >>>=20 >>> Well you have about 7 months until it's deprecated from openssh. >>> What's wrong with continuing to use openSSH 7.4 post sshv1 >>> deprecation? >>=20 >> whats wrong with providing a 7.4+v1 port for everyone to use? >=20 > What will happen when 7.4 gets a vulnerability, then? I don't think > you or I will be patching it (or anyone else) and therefore, the > port/pkg will be knowingly vulnerable. >=20 > Why do we want that? So you ate advocating telnet? Such a client is likely better still than teln= et, which is the only alternative.=20 Without a pkg, folks are forced to maintain it themselves. Which is more lik= ely to receive less attention between now and EoS for v1? Dont make choices for or impose your rhetoric upon others, provide them the t= ools to make their choices.=20 >=20 > --=20 > ------- > inum: 883510009027723 > sip: jungleboogie@sip2sip.info
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0A1A9F5A-0102-4FED-9B82-E081C29103AD>