Re: Licensing Questions regarding OpenSSH in the USA

[Jack Culpepper <jack@destro.newdream.net>]

> > > Is there a way to configure OpenSSH so that it does not use RSA to
> > > create or validate keys and thus avoiding the need to buy the
> > > commercial SSH server? I'm looking for something similar to the
> > > suggestions as proposed in ssl(8). I.E. use 3des to
> > encrypt keys etc.
> >
> > SSH protocol 1 uses the RSA algorith.
> >
> > There's nothing you can do about it.
> >
> > Want to help fund protocol 2 development?

Don't the ssh people already have a version 2?  Of course, if you ask me
it isn't much of an improvement -- just a heckavulot more complicated.  I
think it would have made sense to have ripped out the RSA key negotiation
stuff and replaced it with Diffie-Helman for openssh.  But now that the RSA
patent expiration is coming up so soon I can't convince myself it's worth
the effort.

I wonder though, are we really going to be allowed to use RSA freely after
Sept 21?  Or does RSA have a whole bunch of other patents tangled up in there
that will extend their period of fees indefinitely?  I have heard of places
doing this before.  I am not a lawyer, but I think there are certain ways to
stretch out the patent.

BTW, I have tried to get docs for the Intel IPSec card both through normal
channels and friends at Intel...to no avail.  Bummer.  I haven't tried
anything with 3Com yet, but I don't even know anyone that works there.  Sorry
Theo, I tried man.

jack