[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh protocol version 1 and 2 allowed?

Subject: Re: ssh protocol version 1 and 2 allowed?
From: tedu <grendel@zeitbombe.org>
Date: Sun, 30 Jun 2002 14:18:30 +0000
Cc: misc@openbsd.org
References: <4947.10.0.0.3.1025473925.squirrel@mail.sancho2k.net>

"Sancho2k Lists" <lists@sancho2k.net> wrote:

> Are my fears for using protocol version 1 unfounded, or am I rightly
> alarmed in connections using version 1 being allowed?  Would changing
> the 'Protocol' option to only allow version 2 introduce any problems
> if I intend to use version 2 for my connections only?

The real problems with v1 have been corrected, as in deattack.c.  The
remainder are mostly theoretical or very difficult to exploit.  However,
switching to only allowing v2 is fine.  You can also set the clients to
v2 only, so you aren't ever stuck in a situation where you only have a
v1 client available and can't login.

-- 
Don't be humble; you're not that great.

References:
- ssh protocol version 1 and 2 allowed?
  - From: "Sancho2k Lists" <lists@sancho2k.net>

Prev by Date: ssh protocol version 1 and 2 allowed?
Next by Date: Re: DNS resolver library exploit.
Prev by thread: ssh protocol version 1 and 2 allowed?
Next by thread: allowing gre through 3.0 firewall
Index(es):
- Date
- Thread