OpenSSH (portable) and entropy gathering

Markus Friedl markus at
Sat Oct 6 06:01:04 EST 2001

On Fri, Oct 05, 2001 at 11:59:14AM -0400, Dan Astoorian wrote:
> OpenSSH still has the ability to enable RhostsAuthentication, and you
> don't even have to explicitly configure that option in at compile time,

because openssh should have no compile time option.

> if I'm not mistaken.  And for compatability reasons, I believe the
> client still supports "cipher none"

no, it does not.

> (though the server, rightly, does
> not).  I can't imagine that allowing ssh to be forced to proceed with
> poor entropy is a bigger risk than those.


More information about the openssh-unix-dev mailing list