perl-modperl-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <>
Subject Re: ssh2
Date Tue, 11 Jan 2000 14:05:53 GMT
> On Tue, 11 Jan 2000, Stas Bekman wrote:
> > I just wanted to remind that there was a security hole found in ssh1, and
> > most of the sites I work with have already moved to ssh2 protocol. Do you
> > think should do the same?
> Actually the security hole was in the RSAref libraries, and I've updated
> and securifyied everything appropriately within hours of seeing the
> bugtraq post.

So it's secured now, right?

> I refuse to update to SSH2 because the new protocol is an attempt by
> F-Secure to grab hold of the momentum behind the open-source SSH for
> itself.  SSH2 provides no material advantages, and its server is non-free
> (not just non-open-source, non-free in other wats).  The effort to support
> is OpenSSH -  I installed their daemon but it had
> interoperability problems with SecureCRT so I bailed on it, but I plan to
> return to it once it's got more stability.

Yes, I've heard that OpenSSH is not yet cleaned out.

Stas Bekman
single o-> + single o-+ = singlesheaven

View raw message