nanog mailing list archives
Re: RSA Patent Expired
From: "Bora Akyol" <akyol () akyol org>
Date: Thu, 5 Oct 2000 10:06:13 -0700
openssh source may be free but some of the libraries that it requires are GPLd. This causes problems for including the ssh code on routers etc. If I am mistaken, please email me privately, I would be glad to learn more about this. Bora ----- Original Message ----- From: "Joe Shaw" <jshaw () insync net> To: "Richard A. Steenbergen" <ras () e-gerbil net> Cc: "Richard Welty" <rwelty () vpnet com>; "Bill Fumerola" <billf () chimesnet com>; "Hendrik Visage" <hvisage () is co za>; "Bradly Walters" <bwalters () inet-direct com>; <nanog () merit edu> Sent: Thursday, October 05, 2000 8:41 AM Subject: RE: RSA Patent Expired
On Wed, 4 Oct 2000, Richard A. Steenbergen wrote:except that nobody should be using ssh1 for _anything_ if they can possibly avoid it. even the orginal authors of ssh are strongly advocating consigning ssh1 to the trash heap of computer security.I think you're confused, ssh1 is still a very valid protocol. It is well tested and proven, and in many cases better implemented then ssh2
(though
of course that may change eventually). Don't confuse the desire to make money with insecurity.No, he's not confused. Supposedly, using any algorithm other than 3DES with SSH1 can set you up for some type of stream insertion attack. I've never seen it personally, but supposedly the threat does exist. Furthermore, OpenSSH supports ssh2 and is free, in both the free beer and the free speech way. The BSD license is cool like that. -- Joseph W. Shaw - jshaw () insync net Computer Security Consultant and Programmer Free UNIX advocate and all around nice guy.
Current thread:
- Re: RSA Patent Expired, (continued)
- Re: RSA Patent Expired Bill Fumerola (Oct 03)
- RE: RSA Patent Expired Roeland M.J. Meyer (Oct 03)
- RE: RSA Patent Expired Richard A. Steenbergen (Oct 04)
- RE: RSA Patent Expired Enkhyl (Oct 04)
- RE: RSA Patent Expired Richard A. Steenbergen (Oct 04)
- Re: RSA Patent Expired Frater M.A.Ch.H. 999 (Oct 04)
- Re: RSA Patent Expired Richard A. Steenbergen (Oct 04)
- RE: RSA Patent Expired Enkhyl (Oct 04)
- RE: RSA Patent Expired Greg A. Woods (Oct 04)
- RE: RSA Patent Expired Joe Shaw (Oct 05)
- RE: RSA Patent Expired Joe Shaw (Oct 05)
- Re: RSA Patent Expired Bora Akyol (Oct 05)