Open SSH question
Jim Knoble
jmknoble at pobox.com
Tue Aug 26 08:37:05 EST 2003
Circa 2003-08-25 09:53:22 -0600 dixit STrujillo at BudgetTruck.com:
: If we download a copy of this software to a business machine for
: internal business usage only will we need to purchase licenses for
: each individual that will be accessing this application. [1]
:
: How do you protect your downloads from viruses when they are
: downloaded to keep my computer from getting infected? [2]
:
: Is Binary coding for compiling available for us to use? [3]
Circa 2003-08-25 13:25:28 -0600 dixit STrujillo at BudgetTruck.com:
[the same thing]
I've numbered your questions above, and my answers are numbered the
same way.
(1) OpenSSH is free software. You don't need to purchase any licenses
to use it. In fact, you can copy it, modify it, sell it,
distribute it, or hang it on your wall---the only requirement is
that you preserve the copyright notices included with the software.
By the same token, OpenSSH comes with no warranty. You can do
whatever you want with it, but there is no one to blame if
something goes wrong or if it does not meet your expectations.
(2) OpenSSH is generally distributed as "source code" which must be
configured, compiled, and installed onto a target system before it
is usable.
The OpenSSH source code is available from the locations listed on
the OpenSSH website ( http://www.openssh.com/portable.html ).
Detached cryptographic signatures are available from the same
locations. You can use the (freely available) GnuPG tool
( http://www.gnupg.org/ ) to verify the signature against the
archive containing the source code. The public key necessary to
validate the signatures is also available from the same locations
as the source code, but it's not a good idea to trust that key;
it's better to get the necessary key from a public keyserver (or,
even better, from someone you trust).
Various kinds of pre-compiled packages of OpenSSH are available;
you should only use these if you trust their source and can verify
the integrity of the packages yourself.
(3) See answer number 2 above.
Good luck.
--
jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"We have guided missiles and misguided men." --Martin Luther King, Jr.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 256 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030825/7f49bc34/attachment.bin
More information about the openssh-unix-dev
mailing list