FYI: SSH1 now disabled at compile-time by default

Christoph Anton Mitterer calestyo at scientia.net
Wed Mar 25 14:15:42 AEDT 2015


On Wed, 2015-03-25 at 10:26 +1100, Damien Miller wrote: 
> OpenSSH git master now disabled SSH protocol 1 at compile time by
> default. If you want it back, then you'll need to pass --with-ssh1
> to configure before you build.
+1

- People who use SSH are expected to want security (which v1 doesn't
provide) - people wo actually don't want security, shouldn't have used
SSH in the first place, but could have used rsh, telnet, etc.

- Many distros shipped it anyway with v1 disabled.

- It's not removed from the code but just disabled at compile time, if
people really think they'd desperately need it, they can compile on
their own.


Good move!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5313 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150325/a71bd5df/attachment.bin>


More information about the openssh-unix-dev mailing list