Subject: Re: Proposal: Disable SSHd Protocol v1 by Default (WAS: Re: ssh
To: Thor Lancelot Simon <email@example.com>
From: Brian A. Seklecki <firstname.lastname@example.org>
Date: 03/14/2002 14:38:03
On Thu, 14 Mar 2002, Thor Lancelot Simon wrote:
first off, thanks for the feedback.
> There have been *dozens* of security holes *in the original Ylonen SSH
> implementation*, which needless to say have shown up in its progeny, the
> F-Secure, OpenSSH, and SSH.COM implementations, but they haven't been
> protocol related; generally they have been simple examples of bad
> programming practice.
So, from a pesemism standpoint, you're saying it's not worth the change,
simply because the code is so poor? "Don't bother, then...there are
bigger issues at hand" ?
You seem to describe OpenSSH as a ticking time-bomb.
> There are good reasons to use the version 2 SSH protocol, but your
> reasoning about what they are relies upon a false premise. Try again.
Everything credible I've read indicates that the most secure
implementation involves exclusive use of protocol 2, DSA keys (empty
passphrase or not), disabling superfluous features like 'PermitRootLogin',
'PermitEmptyPasswords', X/11 forwarding, and of course, ACL's, either via
libwrap or ipf limiting which hosts can connect.