Re: Why does openssh protocol default to 2?

From: Crist J. Clark
Date: 02/18/01

Date: Sat, 17 Feb 2001 23:47:10 -0800
From: "Crist J. Clark" <>
To: Jan Conrad <>

On Fri, Feb 16, 2001 at 03:49:04PM +0100, Jan Conrad wrote:


> Don't you think in such an environment using SSH1 with
> RhostsRSAAuthentication would be reasonable (of course only if you *need*
> to provide users with an rsh like automatic login). Sure - you can be
> spoofed etc., the SSH connection could be attacked and whatnot but I would
> consider that to be harmless compared to the possibility to collect keys
> just by sniffing the net (and most people usually have keys without
> passphrases..).

Users can find a way to defeat most any system by choosing bad
passwords, sharing passwords, etc.

> I mean I just checked some University systems running ssh2 and ssh1 and I
> found really *lots* of keys in NFS mounted users homes... (sometimes 10%
> of the users had keys in their homes....)
> Maybe the conclusion is to put a warning into the manpages or into the
> default sshd_config saying something like 'be sure to switch
> xxxAuthentication off if you have NFS mounted homes'...
> What I would find reasonable is something like an .shosts mechanism for
> ssh2 or, better, but more complicated, having the keys themselves
> encrypted by some private key of the machine. Why should a user have
> access to a plain key?

OK, I am still not understanding why you believe SSH1 has advantages
over SSH2 when a user has NFS mounted home directories. The real
vulnerability to SSHx with NFS home directories is the threat that an
attacker may write to .ssh/authorized_keys*. If you can write to that
file, you can write to .shosts or .rhosts.

What attack is SSH2 vulnerable to which SSH1 is not?

Crist J. Clark                 
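
The following is an added example, not part of the original message: a defender-side audit of the files the reply names (`.ssh/authorized_keys*`, `.shosts`, `.rhosts`), flagging any that someone other than the account owner could write or replace. The function name `audit_home` and the throwaway sample home directory are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Files that grant a login to whoever can write them (the ones named in the message).
TRUST_FILES = (".ssh/authorized_keys", ".ssh/authorized_keys2", ".shosts", ".rhosts")

def audit_home(home, uid):
    """Return (path, reason) for each trust file, or directory above it, that
    someone other than the account owner `uid` or root could modify."""
    findings, seen = [], set()
    for rel in TRUST_FILES:
        if not os.path.lexists(os.path.join(home, rel)):
            continue
        parts = rel.split("/")
        # Check home, each parent and the file: a writable parent directory
        # lets the file be replaced even if the file itself is locked down.
        chain = [home] + [os.path.join(home, *parts[:i + 1]) for i in range(len(parts))]
        for path in chain:
            if path in seen:
                continue
            seen.add(path)
            st = os.lstat(path)  # lstat: do not follow a planted symlink
            if stat.S_ISLNK(st.st_mode):
                findings.append((path, "symlink"))
                continue
            if st.st_uid not in (uid, 0):
                findings.append((path, "owned by uid %d" % st.st_uid))
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((path, "group/world writable"))
    return findings

def demo():
    """Constructed sample: a temporary home with one safe and one unsafe file."""
    home = tempfile.mkdtemp()  # created with mode 0700, owned by the caller
    os.mkdir(os.path.join(home, ".ssh"), 0o700)
    for rel, mode in ((".ssh/authorized_keys", 0o600), (".rhosts", 0o666)):
        path = os.path.join(home, rel)
        open(path, "w").close()
        os.chmod(path, mode)
    return home, audit_home(home, os.getuid())

if __name__ == "__main__":
    for path, reason in demo()[1]:
        print(path, "-", reason)
```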