FYI: SSH1 now disabled at compile-time by default
Gert Doering
gert at greenie.muc.de
Sat Mar 28 00:45:13 AEDT 2015
Hi,
On Fri, Mar 27, 2015 at 02:36:50PM +0100, Hubert Kario wrote:
> > Same thing with needing sshv1 to access old network gear where even sshv1
> > was an achievement. "Throw away gear that does its job perfectly well,
> > but has no sshv2 for *management*" or "keep around an ssh v1 capable
> > client"?
>
> If you depend on hardware like this, you should have support* for it. Exactly
> because issues like this.
>
> * - where "support" means that either you have other people responsible for
> fixing it or that you can hire other people to fix it as the need arises
You *definitely* need some real world exposure to the world of closed
source :-) - really.
Try opening a case with HP that their ILO is broken and stupid, and they
will happily sell you a new machine with a less broken ILO (or "differently"
broken), but not do stuff like "add sane ciphers to an ILO2". Same for
Cisco - of course you can buy a new machine with SSHv2, but for the old
one, they will do hardware replacement if it breaks, but no "new features
in the software"...
Yes, it would be so cool if we could just pay someone to put Linux on
our routing gear and give us a SSHv2 server (without breaking the functions
that the device is important for, like "routing"). Right.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list