Subject: Re: "ssh" with SSHv2 public key buggy?
To: Wojciech Puchar <wojtek@wojtek.3miasto.net>
From: Perry E. Metzger <perry@wasabisystems.com>
List: netbsd-users
Date: 10/08/2001 19:27:41
Wojciech Puchar <wojtek@wojtek.3miasto.net> writes:
> > Probably just a paranoid tendency, or perhaps a bad habbit.  On the other
> > hand, I also always set ServerKeyBits to 2048, regen /etc/host_dsa_key,
> > set Protocol=2 in /etc/sshd.conf, and alway drop "alias ssh='/usr/bin/ssh
> > -v -2' " into /etc/profile, then chmod 0000 /usr/bin/rsh, rlogin, etc.
> 
> V2 protocol is incredibly slow, even with default keysize.
> i always set Protocol=1,2 in sshd.conf and ssh.conf

The v1 protocol is insecure. I recommend against people ever using it
if they can help it.

The v2 protocol is in no way inherently slower than v1. If it is
slower for you, you're doing something wrong.

.pm
--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD Development, Support & CDs. http://www.wasabisystems.com/