nanog mailing list archives
Re: telnet vs ssh on Core equipment , looking for reasons why ?
From: Rafi Sadowsky <rafi-nanog () meron openu ac il>
Date: Wed, 1 Aug 2001 08:43:09 +0300 (IDT)
On Tue, 31 Jul 2001, Charles Sprickman wrote:
On Tue, 31 Jul 2001, Kevin Steves wrote:On Tue, 31 Jul 2001, Charles Sprickman wrote: :6) Finding a unix ssh that supports 3DES and DES.
DES(not 3DES) is a compile time option for SSH1 (default is not to support DES) Try to convince to person in charge of SSH that even SSH1+DES while weak is much better than cleartext tel-net .... - Rafi
: :I curse those OpenSSH folks for making me have to trudge through the code :to find out how to get DES working... DES is supported in openssh for protocol 1 in the client with ssh -c des.Ooops. The FreeBSD port I built from is trailing a bit: spork@tiny[~]$ ssh -V SSH Version OpenSSH_2.2.0, protocol versions 1.5/2.0. And: spork@tiny[~]$ ssh -c des 216.223.x.x Unknown cipher type 'des' However it appears newer versions include it, but warn you: oscar[/var/spool/tftp/ios]# ssh -c des -l foo 216.223.x.x Warning: use of DES is strongly discouraged due to cryptographic weaknesses foo@216.223.x.x's password: Sorry for the noise, Charlesalso, does anyone curse cisco for refusing to support ssh protocol 2? they have much more resources than the openssh team.
Current thread:
- Re: telnet vs ssh on Core equipment , looking for reasons why ? Rafi Sadowsky (Jul 31)
- <Possible follow-ups>
- RE: telnet vs ssh on Core equipment , looking for reasons why ? Roeland Meyer (Jul 31)