An update on SSH protocol 1

Nico Kadel-Garcia nkadel at
Wed May 4 22:22:58 AEST 2016

On Tue, May 3, 2016 at 10:14 AM, Damien Miller <djm at> wrote:
> On Tue, 3 May 2016, Colin Watson wrote:

>> My plan for Debian (and thus Ubuntu etc.) is therefore that, once SSHv1
>> is entirely removed from OpenSSH, I will split out the
>> openssh-client-ssh1 binary package to be built from a separate source
>> package which will remain frozen at the last OpenSSH release that
>> supported SSHv1.  As before, this will ship only scp1, ssh1, and
>> ssh-keygen1 binaries.

>> Notwithstanding all this, the plan of removing all this obsolete code
>> from OpenSSH proper makes a lot of sense to me and I have no complaints
>> there.
> Your plan sounds emminently reasonable and I'll repeat my thanks
> for your helping the transition by making separate -ssh1 packages.

It's also pretty funny to see a reversal of the old says when ssh-1
and ssh-2 were originally published, separately, and OpenSSH was able
to integrate the code bases to provide one set of binaries. Pulling
SSH-1 out of the server codebase is very sensible at this point. I'm
slightly concerned that people with older hardware, such as various
older firewalls, may find themselves with a problem.

More information about the openssh-unix-dev mailing list