authorized_keys2 directory idea

Markus Friedl markus.friedl at
Tue Jun 5 06:00:43 EST 2001

On Mon, Jun 04, 2001 at 10:41:44AM -0400, Rob Hagopian wrote:
> Indeed, you never did touch the code base, but you still had to add a
> number of features/changes to the code to support v2.

the protocol is documented in an ietf draft.

> I'd still maintain that the ssh v2 ability to store keys as files
> came (long) before openssh v2 support.

of course. more software has been written before openssh v2.

> Why even cater to those people? Even the FreeBSD security notices
> specificly mention that ssh v1 has inherent security problems.

you mix talk about protocol and implementation.

> I don't
> even see why it's turned on by default for a distribution that
> superficially appears so security concious.

so, what's the problem with protocol v1?

even if it had inherent security problems, it's not inherent
in the way the public keys are stored.

> Finally, if you don't want it in the code dists, what about a webpage with
> contrib patches? That would even give you an indication of popularity of
> these patches. Shutting out contributed code like this can only hurt the
> project in the long run...

i'm not shutting out contributed code.

More information about the openssh-unix-dev mailing list