Incompatability between 1.2.27 NO-RSA and openssh-latest

Richard E. Silverman res at shore.net
Mon Oct 9 03:20:35 EST 2000


On Sun, 8 Oct 2000, Igmar Palsenberg wrote:

> > On Sun, Oct 08, 2000 at 02:37:44PM +0200, Igmar Palsenberg wrote:
> > > Client side :
> > > SSH Version 1.2.27 [i586-unknown-linux], protocol version 1.5.
> > > Standard version.  Does not use RSAREF.
> > > 
> > > Linux 2.2.16
> > > 
> > > Server side :
> > > OpenSSH 2.2.0 without RSA
> > 
> > ssh version 1.2.x can never talk to a openssh version without RSA.
> 
> I doubt that.. This Linux machine is running OpenSSH 2.1.0 and is able
to
> talk to 1.2.27 just fine. 
> 
> The linux machine is compiled without RSA support, so that would mean it
> would give the same problems.

No, Markus is correct.  The SSH-1 protocol explicitly uses the RSA
algorithm.  There is no option to use it without RSA, nor is there any
option to compile ssh-1.2.x "without RSA;" such a thing would have no
meaning.

One possible source of confusion; when you say "1.2.27 NO-RSA," are you
inferring that from the "Does not use RSAREF" in the version announcement?
All that means is that it is using its internal RSA implementation, as
opposed to the RSAREF library from RSADSI (now defunct and pointless, due
to the patent expiration).

Anyway, if you compile OpenSSH against an OpenSSL built without RSA,
OpenSSH will only be able to do protocol 2.

-- 
  Richard Silverman
  slade at shore.net







More information about the openssh-unix-dev mailing list