[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    Re: Keep users in their home directory
From:       David Knaack <dknaack () rdtech ! com>
Date:       2001-05-31 19:51:08
[Download RAW message or body]

On Thu, 31 May 2001, White Vampire wrote:
> Security concerns do not
> necessarily equate to vulnerabilities.  There are some concerns with
> implementation, but nothing all that major.  Why not use SSH2 anyway?

Not all clients support SSH2.  We use Putty as the ssh client on windows
boxes here.  However, putty does not support DSA (or whatever it is) keys
for use with SSH2, so users must be prompted for a password.  Fine, except
when you try to tunnel cvs through ssh using the plink utility, it hangs
waiting for a password.  Without changing to a new client, I'm stuck with
SSH1, and its just easier to deal with SSH1.

No, its not that hard to switch, but the security risk isn't worth the
trouble it would take to switch.  Particularly when the correct (IMO)
solution is to add the missing feature to the offending software.

Thats about the only reason I can think of for keeping ssh1 around.
DK

[prev in list] [next in list] [prev in thread] [next in thread]