[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Keys generated by "/etc/rc.d/sshd"
On Thu, 29 May 2008 07:57:40 +0300
johan.wallen+lists%helsinki.fi@localhost (Johan Wallén) wrote:
> Matthias Scheler <tron%zhadum.org.uk@localhost> writes:
> > "/etc/rc.d/sshd" still generates host keys for the SSH protocol
> > version 1. Would anybody object if I remove that part?
> I think that all support for SSH protocol version 1 should be removed
> -- that protocol version has several fatal problems. If I remember
> correctly, the expected time to extract an SSH v1 server key via the
> protocol is around one day. There is a reason why ssh.com stopped
> supporting version 1.
Are you talking about dropping server support only or client support,
too? Unfortunately, there are servers out there (especially in
embedded devices) that only support v1.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Main Index |
Thread Index |