port-mac68k: Re: Off-Topic: NiftyTelnet with SSHv2 question

Subject: Re: Off-Topic: NiftyTelnet with SSHv2 question
To: Henry B. Hotz <hotz@jpl.nasa.gov>
From: gabriel rosenkoetter <gr@eclipsed.net>
List: port-mac68k
Date: 09/22/2000 17:32:15

On Fri, Sep 22, 2000 at 10:52:38AM -0700, Henry B. Hotz wrote:
> Thanks for the response.  I forwarded part of it to the JPL-sysadmin 
> mailing list.  Seems a lot of JPL SA's are sticking to ssh1 even 
> though we have a free site license to ssh2 because they need to 
> support Mac clients and they think they can't run both.

Well, they can run ssh.com's ssh2 on top of ssh1 (install ssh1 first
or you'll be really sorry) without any noticeable trouble. Or they can
run OpenSSH and never have to think about it.

:^>

> No change, though there is a new, free, unrelated ssh2 client that 
> doesn't quite work yet.  (It was announced on the mac-crypto list.) 
> Unlike the F-secure clients NiftyTelnet supports scp.

The F-Secure client looks pretty, but I've found it pretty useless.

> I'm running 1.2.27 on Solaris, and on NetBSD/macppc 1.5 alpha 1.  My 
> remaining Mac68k box is only a IIcx and probably couldn't handle it 
> well.  Almost all of the client connections in my case are from MacOS 
> so there seems little reason to figure out why people think SSH2 is 
> better.  I'm interested to see that OpenSSH is now getting 
> recommendations that it may be ready for prime time.

Yep. It's been ready for primetime on OpenBSD since it was released,
really, but the ports haven't been well behaved more than a month or
two (and I don't trust the Solaris port just yet, but "I" is by
comittee--cs.swarthmore.edu... were it up to me, I'd probably have it
installed).

> For NetBSD I'm using the pkgsrc-patched-source, but I had to do the 
> configure and install the old fashioned way in order to get .rhosts 
> authentication to work.  The only difference I see that might matter 
> is --without-rsh.  Why anyone would want to run ssh with rsh fallback 
> escapes me since that would defeat the whole point of ssh.  Why the 
> default configuration isn't --without-rsh *really* escapes me.

Hrm.

Well, I don't use .rhosts, so...

As far as the rsh issue, I agree.

Isn't it possible to edit the pkgsrc Makefile's CFLAGS for stuff like
that, though?

       ~ g r @ eclipsed.net