On Thu, Mar 14, 2002 at 12:02:07PM +0000, xs@kittenz.org.cd.worst.com wrote:
> on Thu, Mar 14, 2002 at 03:49:39AM -0500, Brian A. Seklecki wrote:

> > But is convenience worth sacrificing security integrity?
> 
> If users aren't aware that shelling into their Linux 486 is faster than
> shelling into the same box running NetBSD is because NetBSD defaults to
> SSH2, it's going to lead to "NetBSD is so much slower than Linux, I think
> I'll stick with Linux." s/Linux/whateveros/g
> 
> As long as a secure default is documented with the fact it does cause
> this slow down and you can speed it up, sacrificing security, by using
> SSH1, then I think it's a good idea.

Fail Safe.   We dont even enable sshd by default.  A couple lines
of documentation near where one would look to throw the switch
should help dramatically. (ie: in the man page, and in
/etc/defaults/rc.conf )

> > *) Consequently the first run (rc.d/sshd keygen) will run more quickly as
> > there will only be 1 key to generate as opposed to 3.
> 
> DSA key generation is much slower than RSA. Time for RSA key generation
> becomes quite small compared to DSA. I think it's a good idea to keep
> all three keys generated, because otherwise if /etc/ssh/sshd.conf
> is changed so SSH1 is enabled, there won't be an RSA1 key for it to use.

This shouldnt happen all that often.  I still have a collection of
slow machines (ss1, ss1+, sun3/*, multias) that occasionally come
online via a netboot.  (Lets ignore the netboot/NFS specific issues,
its not germain to the discussin.)  Yes, it take them a while to
generate the keys each time i test out a new tree for the first
time.  I get over it.  Point being, its there for people to adjust
as they see fit.
 
> OpenSSH is a secure reimplementation of SSH (the implemenation) not
> a secure implementation of SSH (the protocol), imho.

And definitely not a secure redesign of the protocol.

-=erik.