Re: Keys generated by "/etc/rc.d/sshd"

To: Matthias Scheler <tron%zhadum.org.uk@localhost>
Subject: Re: Keys generated by "/etc/rc.d/sshd"
From: johan.wallen+lists%helsinki.fi@localhost (Johan Wallén)
Date: Thu, 29 May 2008 07:57:40 +0300

Hello,

Matthias Scheler <tron%zhadum.org.uk@localhost> writes:

> "/etc/rc.d/sshd" still generates host keys for the SSH protocol version 1.
> Would anybody object if I remove that part?

I think that all support for SSH protocol version 1 should be removed --
that protocol version has several fatal problems.  If I remember
correctly, the expected time to extract an SSH v1 server key via the
protocol is around one day.  There is a reason why ssh.com stopped
supporting version 1.

-- Johan

Follow-Ups:
- Re: Keys generated by "/etc/rc.d/sshd"
  - From: Steven M. Bellovin

References:
- Keys generated by "/etc/rc.d/sshd"
  - From: Matthias Scheler

Prev by Date: Re: Keys generated by "/etc/rc.d/sshd"
Next by Date: Re: Keys generated by "/etc/rc.d/sshd"
Previous by Thread: Re: Keys generated by "/etc/rc.d/sshd"
Next by Thread: Re: Keys generated by "/etc/rc.d/sshd"
Indexes:

Home | Main Index | Thread Index | Old Index