OpenSSH Questions

[achanak]

Heya,
  
   I'm trying to convince my company to use OpenSSH instead of the commercial SSH version. I need a little help:
  
 1. What features does OpenSSH offer over commercial SSH (besides being free and open source of course)?
  
 2. Our lawyers want details on the licensing / patents stuff. I have the high level details from the OpenSSH page. I need the nitty gritty like RSA patent# and references, license statements for Diffie Hellman, DSA, openSSL, zlib, and any other components, besides the official license statement for OpenSSH. Any pointers would be appreciated.
  
 3. The security folks want me to be able to disable tcp port forwarding and X11 forwarding in the binary. Commercial sshd has the compile
 time switches --disable-tcp-port-forwarding and --disable-X11-forwarding. How do I do this with openSSH?? (using the /etc/ssh_config directives is not an option - has to be a compile time switch).
  
 4. There's also a requirement that tcp port forwarding attempts be logged to syslog whether the compile time switch has disabled port forwarding or not. Commercial sshd currently offers this as well...can openssh do this too? I know it does regular syslog logging..not sure about port forwarding entries.
  
Thanks




--== Sent via Deja.com http://www.deja.com/ ==--
Before you buy.