Subject: Re: Proposal: Disable SSHd Protocol v1 by Default (WAS: Re: ssh config path change (/etc -> /etc/ssh))
To: Nathan J. Williams <nathanw@wasabisystems.com>
From: Johan A. van Zanten <johan@ewranglers.com>
List: netbsd-users
Date: 03/14/2002 19:37:07
---In message <mtuhenix1mx.fsf@contents-vnder-pressvre.mit.edu>

johan (sometimes known to me as "me") said:
>> However, when deciding whether or not to make v1 disabled in the NetBSD
>> default config., should we not take into account that there is a
>> currently-available tool (dsniff) which can be used against v1 but not v2?

Nathan J. Williams replied:
>We should not take this into account. Rather, we should assume that
>such a tool already exists and is in use.

So then it seems as if you are suggesting that v1 be disabled in the
default NetBSD config., and additionally, that "StrictHostKeyChecking"
be set to "yes". Is that correct? Anything else?

 --johan