SSH trademarks and the OpenSSH product name

Brian Friday bfriday at LaSierra.edu
Thu Feb 15 01:54:32 EST 2001 


I have used secure shell, SSH 1, 2 and now recently SFTP in the
administering and normal use of my servers. Our campus like many others has
made a concerted effort to completely remove insecure protocols and
connection methods. The catch in migrations is getting users to move
in a relatively painless manner.

In late 1998 when I decided to try out SSH2 I had the unfortunate time of
trying to get a straight and complete answer on how and when I could or
could not use SSH in my daily duties. The license included appeared dense
confusing and contradictory. No one I talked with (which included ssh.com
people) had any answer to my questions only rumor and assumption.

I was left with the decision to move to "free" SSH.com products with
possible dubious licenses or remain in the status quo of using clear text
services and protocols. It was a tuff decision but we stuck with the enemy
we knew, SSH was available for our Computer Science and academic people.

I like to play by the rules and because your company continued to release
license after license that gave the educational user/reader the
"impression" of usability, but continually avoid specific language to that
effect. I could never justify the cost of having a lawyer review and
explain in detail the "wherefore and what-nots" contained therein. The
F-Secure/Data-fellows/SSH.com's products thus have never been supported by
our campus.

I harbor no ill will to you or your associates Mr. Ylonen but as stated
in at least one e-mail the appearance of OpenSSH was not only a godsend
but allowed me to begin moving our whole campus to secure protocols. While
this process has not completed, through the efforts of OpenSSH developers,
testers and users to believe it to be an attainable goal.

Your recent posts to BUGTRAQ have been disturbing as they appear to be a
intense effort force users to SSH2 and alienate users of SSH1 by not
providing a clear upgrade path.  Thus OpenSSH is again a better product
for our campus as it supports both 1 & 2 in the same daemon which while
perhaps not as "secure" as the dueling daemons needed to provide the same
functionality in SSH.com products. It certainly gives me a viable solution
for our campus.

I think you have chosen a poor way of announcing your intentions, I also
think you'll find more ill will directed to you and your company because
of your message and your attitude. That will be your burden to bear and I
wish you luck as life can be extremely hard when you have to fight your
own words.

Sincerely,

Brian Friday
Systems Administrator
La Sierra University
(909) 785-2554 x2

More information about the openssh-unix-dev mailing list