authorized_keys2 directory idea
Markus Friedl
markus.friedl at informatik.uni-erlangen.de
Tue Jun 5 06:00:43 EST 2001
On Mon, Jun 04, 2001 at 10:41:44AM -0400, Rob Hagopian wrote:
> Indeed, you never did touch the code base, but you still had to add a
> number of features/changes to the code to support v2.
the protocol is documented in an ietf draft.
> I'd still maintain that the ssh v2 ability to store keys as files
> came (long) before openssh v2 support.
of course. more software has been written before openssh v2.
> Why even cater to those people? Even the FreeBSD security notices
> specificly mention that ssh v1 has inherent security problems.
you mix talk about protocol and implementation.
> I don't
> even see why it's turned on by default for a distribution that
> superficially appears so security concious.
so, what's the problem with protocol v1?
even if it had inherent security problems, it's not inherent
in the way the public keys are stored.
> Finally, if you don't want it in the code dists, what about a webpage with
> contrib patches? That would even give you an indication of popularity of
> these patches. Shutting out contributed code like this can only hurt the
> project in the long run...
i'm not shutting out contributed code.
More information about the openssh-unix-dev
mailing list