Subject: Re: inetd.conf defaults
To: None <>
From: Greg A. Woods <>
List: tech-net
Date: 05/30/2000 16:24:03
[ On Tuesday, May 30, 2000 at 15:01:31 (-0400), Andrew Brown wrote: ]
> Subject: Re: inetd.conf defaults
> if you run ssh (version 2) to connect to a machine which is version 1,
> ssh (version 2) will exec ssh1 (if possible) for you so that you can
> connect.
> likewise, if you run ssh (version 1) and connect to a version 2
> server, the version 2 server will exec sshd1 (again, if possible) for
> you, so that you can connect.

Those features should not be used except under duress (eg. for a very
short period while all clients are upgraded).  It has been strongly by
several folks, including SSH's author, that backward compatability with
SSH-v1 actually makes SSH-v2 somewhat less secure than SSH-v1 alone.
Discussion of this can probably still be found in SSH mailing list
archives, if you can find them....  I'm still not sure why the SSH folks
caved in and accepted the patch which enabled this feature.

							Greg A. Woods

+1 416 218-0098      VE3TCP      <>      <robohack!woods>
Planix, Inc. <>; Secrets of the Weird <>