Re: Time to look put more resources into FreeSSH ?
From: Jason Stone (jason-fbsd-security@shalott.net)
Date: 06/25/02
- Next message: Brian Nelson: "Re: How to check if "UsePrivilegeSeparation" works in OpenSSH?"
- Previous message: Alfred Perlstein: "ENOUGH!!! Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd)"
- In reply to: Darren Reed: "Time to look put more resources into FreeSSH ?"
- Next in thread: veedee@c7.campus.utcluj.ro: "Re: Time to look put more resources into FreeSSH ?"
- Reply: veedee@c7.campus.utcluj.ro: "Re: Time to look put more resources into FreeSSH ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Jun 2002 00:51:56 -0700 (PDT) From: Jason Stone <jason-fbsd-security@shalott.net> To: Darren Reed <avalon@coombs.anu.edu.au>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> What do others think about creating a little "bio-diversity" and
> moving from OpenSSH to FreeSSH at some point in the future as the
> "default" ssh installed ?
I'm very much in favor of "biodiversity," but if you're talking about
FreSSH (fressh.org), then, as far as I'm aware, it's a) only v1, and b)
pretty dead.
Personally, I'm exploring the feasibility of non-ssh alternatives
(ssl-wrapped versions of telnet/rsh/etc, enterprise-wide ipsec and
telnet/rsh/etc, etc...). Does anyone have any other ideas along these
lines?
But yeah, definitely biodiversity. ssh has embraced and extended rsh to
the point where people depend on all sorts of features that are unique to
ssh (and aren't even directly security related), and openssh is really the
only mature, featureful, supported and free implementation out there, so
when stuff like this comes up, we're really pretty helpless....
-Jason
-----------------------------------------------------------------------
I worry about my child and the Internet all the time, even though she's
too young to have logged on yet. Here's what I worry about. I worry
that 10 or 15 years from now, she will come to me and say "Daddy, where
were you when they took freedom of the press away from the Internet?"
-- Mike Godwin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE9GCEcswXMWWtptckRAmlSAKDI/vFLFM6KauPR7B/sec1h1JYGTACeNpJJ
03JM05KMrhU1ft527IN2ddM=
=0e9O
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Brian Nelson: "Re: How to check if "UsePrivilegeSeparation" works in OpenSSH?"
- Previous message: Alfred Perlstein: "ENOUGH!!! Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd)"
- In reply to: Darren Reed: "Time to look put more resources into FreeSSH ?"
- Next in thread: veedee@c7.campus.utcluj.ro: "Re: Time to look put more resources into FreeSSH ?"
- Reply: veedee@c7.campus.utcluj.ro: "Re: Time to look put more resources into FreeSSH ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
