perl-modperl-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <sbek...@iil.intel.com>
Subject Re: ssh2
Date Tue, 11 Jan 2000 14:05:53 GMT
> On Tue, 11 Jan 2000, Stas Bekman wrote:
> > I just wanted to remind that there was a security hole found in ssh1, and
> > most of the sites I work with have already moved to ssh2 protocol. Do you
> > think apache.org should do the same?
> 
> Actually the security hole was in the RSAref libraries, and I've updated
> and securifyied everything appropriately within hours of seeing the
> bugtraq post.

So it's secured now, right?

> I refuse to update to SSH2 because the new protocol is an attempt by
> F-Secure to grab hold of the momentum behind the open-source SSH for
> itself.  SSH2 provides no material advantages, and its server is non-free
> (not just non-open-source, non-free in other wats).  The effort to support
> is OpenSSH - www.openssh.org.  I installed their daemon but it had
> interoperability problems with SecureCRT so I bailed on it, but I plan to
> return to it once it's got more stability.

Yes, I've heard that OpenSSH is not yet cleaned out.

_______________________________________________________________________
Stas Bekman    mailto:sbekman@iname.com      http://www.stason.org/stas
Perl,CGI,Apache,Linux,Web,Java,PC     http://www.stason.org/stas/TULARC
perl.apache.org    modperl.sourcegarden.org   perlmonth.com    perl.org
single o-> + single o-+ = singlesheaven    http://www.singlesheaven.com


Mime
View raw message