Date: Sun, 13 May 2001 14:24:29 -0700 From: Peter Wemm <peter@wemm.org> To: Mike Silbersack <silby@silby.com> Cc: Terry Lambert <tlambert2@mindspring.com>, Erik Trulsson <ertr1013@student.uu.se>, hackers@FreeBSD.ORG Subject: Re: SSH Must Die Message-ID: <20010513212429.EE3FD380C@overcee.netplex.com.au> In-Reply-To: <Pine.BSF.4.31.0105131544060.52994-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Silbersack wrote: > > On Sat, 12 May 2001, Terry Lambert wrote: > > > Erik Trulsson wrote: > > > Exactly how is rpping it out of FreeBSD supposed to make ssh work? > > > > I don't necessarily want it to work or not work, I just > > want it to quit being a pain in my backside. > > > > If it can't be made to upgrade correctly, then ripping it > > out also satisfies the criteria necessary to achieve the > > intended goal. > > Ok, backing this thread up briefly, two quick questions: > > 1. Is ssh working yet? Yes, it is working perfectly. The only problem is that it now works slightly differently to what people have expected. ie: it treats sshv1 rsa keys as totally seperate to sshv2 rsa keys. The simplest thing is to do a ssh-keygen to generate a new RSA key and update ~/.ssh/authorized_keys2 once per remote machine that you connect to. Once that is done, it never bothers you again. You can change /etc/ssh/ssh_config so that it says 'Protocol 1,2', but that is avoiding the problem rather than using the more robust, cryptographically secure sshv2 wire protocol. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010513212429.EE3FD380C>