[olug] SSH v1 vs SSH v2 (was: Re: Another SSH Configuration Question|)
Brian Roberson
roberson at olug.org
Fri Apr 2 04:09:18 UTC 2004
On Thu, Apr 01, 2004 at 09:31:22PM -0600, Daniel Linder wrote:
> I (Daniel Linder) wrote:
> > V1 is older and more widely
> > supported, but if you are the only one getting onto the machine, then V2
> > is the way to go whenever possible.
> >
> > If I remember correctly (IIRC), the V1 protocol had some security issues
> > which made it easier to break into. V2 corrected these and added some
> > extra security features (added AES encryption and some enhanced port
> > forwarding if I remember correctly).
>
> Brian Roberson said:
> > Don't let Mathew Marsh ( Nebraska cert chief scientist ) find you in a
> > dark
> > alley - he is passionately against everything you just said :)
>
> (I have known Matthew for a few years now, so I know he knows a little bit
> about network security...*cough* http://www.paksecured.com/ *cough*)
I hear ya - I am in no way throwing FUD about him... I know his abilities
:)
>
> So, what "law" did I break in my above comments? ;-)
Let me try to depict how I beleive he would react to your comments....
First he would tell you that v2 did not "fix" any security flaws v1 had.
Second he would ramble a little while about da'rat and how he loves him :)
Then I think he would say how much he loves the idea of priv. seperation...
and so on and so on....
dont get me wrong, I am all for v2, just the copyleft junk in v1 is enough for
me to not like v1 :)
I am just recalling his talk he gave on this subject to olug a few months back...
>
> Dan
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
More information about the OLUG
mailing list