OpenSSH (portable) and entropy gathering
Markus Friedl
markus at openbsd.org
Sat Oct 6 06:01:04 EST 2001
On Fri, Oct 05, 2001 at 11:59:14AM -0400, Dan Astoorian wrote:
> OpenSSH still has the ability to enable RhostsAuthentication, and you
> don't even have to explicitly configure that option in at compile time,
because openssh should have no compile time option.
> if I'm not mistaken. And for compatability reasons, I believe the
> client still supports "cipher none"
no, it does not.
> (though the server, rightly, does
> not). I can't imagine that allowing ssh to be forced to proceed with
> poor entropy is a bigger risk than those.
-m
More information about the openssh-unix-dev
mailing list