[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh protocol version 1 and 2 allowed?

Subject: Re: ssh protocol version 1 and 2 allowed?
From: tedu <grendel@zeitbombe.org>
Date: Fri, 5 Jul 2002 10:56:54 +0000
Cc: misc@openbsd.org
References: <4947.10.0.0.3.1025473925.squirrel@mail.sancho2k.net> <20020630141830.0d875bae.grendel@zeitbombe.org> <20020701101320.GC29536@schlund.de> <20020705102635.18227.qmail@oak.oeko.net>

"Toni Mueller" <openbsd-misc@oeko.net> wrote:

> > >The real problems with v1 have been corrected, as in deattack.c. 
> 
> so you say that using v1 is mostly safe (enough) now, not that much
> better than using v2?

It's good enough for me.  Do your own risk assessment.  In my situation
I need to have v1 enabled, because otherwise I couldn't login from a
large base of v1-only clients.

> Hmmm. A few months ago I switched everything to a recent OpenSSH and
> then everything to v2 only. Esp. when there were rumours that having
> v1 enabled should make the server suspectible to attacks w/o MITM.

I've heard some rumors recently about a root exploit that works against
v2 servers.  

-- 
Don't be humble; you're not that great.

References:
- Re: ssh protocol version 1 and 2 allowed?
  - From: Hannah Schröter <hannah@schlund.de>
- Re: ssh protocol version 1 and 2 allowed?
  - From: Toni Mueller <openbsd-misc@oeko.net>

Prev by Date: Netscape and MPEG
Next by Date: wi firmware
Prev by thread: Re: ssh protocol version 1 and 2 allowed?
Next by thread: Re: ssh protocol version 1 and 2 allowed?
Index(es):
- Date
- Thread