RedHat forks OpenSSH?

Chris Adams cmadams at hiwaay.net
Wed Nov 10 08:13:36 EST 2004


Has anyone actually _asked_ Red Hat why they patch the code out?
Mailing list posts are not going to get answers, and I see nothing open
in bugzilla.redhat.com.

Someone said the reason may be trade secret (and I carried on the idea
as well as others), but it is more likely that they're doing it because
of the DMCA.  IIRC all the CSS lawsuits based on trade secrets have been
dropped or lost, while DMCA based suits are apparently succeeding.  Yes,
I realize how stupid the DMCA is, but the fact is that it is being
applied to CSS, but Red Hat has other legal battles to fight (like SCO).

I do have a question that it would be nice if someone could answer: why
would I want to use CSS as a cipher in SSH?  As I understand it, CSS is
a fairly weak algorithm; why would I want to use a weak encryption
method?

A different question: why are any of the ciphers being included in
OpenSSH?  I thought that's why OpenSSL was used (if not, why not just
put all the ciphers in OpenSSH and not require OpenSSL?).

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.




More information about the openssh-unix-dev mailing list