2003-09-16T15:55:07 Ron DuFresne: > Don't see many posts from you these day Bennett, good to see > you live <smile>. It's gotten busy out, surely it has. > Got a pointer? Whenever I can't find some ssh implementation, I go shopping on the "Alternatives" link section in www.openssh.com. The lsh link there, <URL:http://www.net.lut.ac.uk/psst/>, seems current and correct. > I'd seek out myselfm, but have a huge project that's eating me up > at present. lsh has several library dependancies, so there's a little bit of go back and back before it builds. So hold off looking at it until you've got a little more time:-). Once it does build, lshd is easy to get going, lsh takes a little bit more fiddling --- its known_hosts facility is in a state of flux, let us say. > SSH and openssl is fast heading down the > upgrade,patch,upgrade,patch scenerio of sendmail and wu_ftpd in > the 90's. This last one broke my camel's back. OpenSSH sshd begone. And so it has. Cool! > > It's ssh v2 only; I think that's a transition whose time has come. > > This I will agree to fully, though, since we see the R* commands persist, > and ftpd refuses to die, the list goes on. Different constraints in different environments. I don't install ftp servers, or rsh clients or servers, on my own systems. On other systems, with external constraints forcing the use of such stuff, I do the best I can. I'm a lot more concerned about the server side than the client side, though. Right now I wouldn't run an OpenSSH sshd exposed to the internet; lshd is fine there. People who can't get sshv2 clients can go away. I expect I'll be keeping around an OpenSSH ssh client for some time. > Don't a number of appliances also use ssh1 and are not > upgradeable? Yup. Maybe some of 'em are vulnerable, too. -Bennett
Attachment:
pgp00029.pgp
Description: PGP signature