<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2652.35">
<TITLE>RE: [PATCH] Add scp -1 and -2 options to OpenSSH-3.0.2p1</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>Nothing wrong with the code as much out our crappy implementation. We've got horrendous ssh_config and sshd_configs that don't integrate well with each others or the OS's we support. X11 forwarding is fundamentally broken, paths are poor, uselogin is inconsistant, etc. It's pretty much a recipe for everyone avoiding ssh like the plague, esp since while info security and my group (unix architecture) were wise enough to mandate that ssh must go on all servers, they forgot to mandate that telnet, ftp, and r* had to come off. Plus the dunderheads in info security like obfuscation so much that they mandated that we use a non-standard port which they were unfortunately not clueful enough to avoid high ports, so it'd be trivial to for a normal user to put a trojaned daemon on a box that's not running ssh.</FONT></P>
<P><FONT SIZE=2>*sigh* Doing things right is a never-ending battle.</FONT>
</P>
<P><FONT SIZE=2>Thanks,</FONT>
<BR><FONT SIZE=2>--Jason Lacoss-Arnold, Systems Technical Specialist</FONT>
<BR><FONT SIZE=2>Technical Services - Unix Arch.</FONT>
<BR><FONT SIZE=2>314-955-8501</FONT>
</P>
<BR>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Markus Friedl [<A HREF="mailto:markus@openbsd.org">mailto:markus@openbsd.org</A>]</FONT>
<BR><FONT SIZE=2>Sent: Monday, January 28, 2002 11:20</FONT>
<BR><FONT SIZE=2>To: Lacoss-Arnold, Jason</FONT>
<BR><FONT SIZE=2>Cc: 'mouring'; Wichert Akkerman; openssh-unix-dev@mindrot.org</FONT>
<BR><FONT SIZE=2>Subject: Re: [PATCH] Add scp -1 and -2 options to OpenSSH-3.0.2p1</FONT>
</P>
<BR>
<P><FONT SIZE=2>On Mon, Jan 28, 2002 at 10:46:59AM -0600, Lacoss-Arnold, Jason wrote:</FONT>
<BR><FONT SIZE=2>> Personally, I wish it was in the current release as it'd greatly aid our</FONT>
<BR><FONT SIZE=2>> migration efforts (from a poorly done 2.5.1 implementation)</FONT>
</P>
<P><FONT SIZE=2>what's wrong with 2.5.1 ?</FONT>
</P>
<P><FONT SIZE=2>> and is a lot</FONT>
<BR><FONT SIZE=2>> easier to communigate to clueless users.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> We've finally managed to piggyback a real ssh deployment onto a high profile</FONT>
<BR><FONT SIZE=2>> project, and some of the user education is really sucking.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Thanks,</FONT>
<BR><FONT SIZE=2>> --Jason Lacoss-Arnold, Systems Technical Specialist</FONT>
<BR><FONT SIZE=2>> Technical Services - Unix Arch.</FONT>
<BR><FONT SIZE=2>> 314-955-8501</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> -----Original Message-----</FONT>
<BR><FONT SIZE=2>> From: mouring [<A HREF="mailto:mouring@etoh.eviladmin.org">mailto:mouring@etoh.eviladmin.org</A>]</FONT>
<BR><FONT SIZE=2>> Sent: Monday, January 28, 2002 9:48</FONT>
<BR><FONT SIZE=2>> To: Wichert Akkerman</FONT>
<BR><FONT SIZE=2>> Cc: openssh-unix-dev@mindrot.org</FONT>
<BR><FONT SIZE=2>> Subject: Re: [PATCH] Add scp -1 and -2 options to OpenSSH-3.0.2p1</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> > Previously Markus Friedl wrote:</FONT>
<BR><FONT SIZE=2>> > > why do you need -1 and -2?</FONT>
<BR><FONT SIZE=2>> > </FONT>
<BR><FONT SIZE=2>> > Users want it, and it's very useful in situations where you need</FONT>
<BR><FONT SIZE=2>> > to specifiy the version due to existing keys, old servers, etc.</FONT>
<BR><FONT SIZE=2>> > </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> #1 - OpenSSH/OpenBSD is not Debian. What you do to the source is your </FONT>
<BR><FONT SIZE=2>> business, but you only add to the confusion (if there is any at all). </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> #2 - In TWO years of helping people with ssh compiling, configuring, and</FONT>
<BR><FONT SIZE=2>> using. I've seen SIX people (80% of them are on this list!) whine about</FONT>
<BR><FONT SIZE=2>> lack of -1/-2. The others where happy to use -oProtocol=[12] to do their</FONT>
<BR><FONT SIZE=2>> job.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> NOW please.. tell me.. *WHERE* are these MASSES of people crying out for</FONT>
<BR><FONT SIZE=2>> the -1/-2 option for scp? SIX people out of almost a thousand plus</FONT>
<BR><FONT SIZE=2>> people I've interacted with.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> <sigh> Waste of time..</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> - Ben</FONT>
<BR><FONT SIZE=2>> _______________________________________________</FONT>
<BR><FONT SIZE=2>> openssh-unix-dev@mindrot.org mailing list</FONT>
<BR><FONT SIZE=2>> <A HREF="http://www.mindrot.org/mailman/listinfo/openssh-unix-dev" TARGET="_blank">http://www.mindrot.org/mailman/listinfo/openssh-unix-dev</A></FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> ***************************************************************************************</FONT>
<BR><FONT SIZE=2>> WARNING: All e-mail sent to and from this address will be received or</FONT>
<BR><FONT SIZE=2>> otherwise recorded by the A.G. Edwards corporate e-mail system and is</FONT>
<BR><FONT SIZE=2>> subject to archival, monitoring or review by, and/or disclosure to,</FONT>
<BR><FONT SIZE=2>> someone other than the recipient.</FONT>
<BR><FONT SIZE=2>> ***************************************************************************************</FONT>
</P>
<CODE><FONT SIZE=3><BR>
<BR>
***************************************************************************************<BR>
WARNING: All e-mail sent to and from this address will be received or<BR>
otherwise recorded by the A.G. Edwards corporate e-mail system and is<BR>
subject to archival, monitoring or review by, and/or disclosure to,<BR>
someone other than the recipient.<BR>
***************************************************************************************<BR>
</FONT></CODE></BODY>
</HTML>