Re: [suse-security] OpenSSH versus SSH
![](https://seccdn.libravatar.org/avatar/525e0953742a479cedb1ea9628f8fd66.jpg?s=120&d=mm&r=g)
At 07:47 PM 2/05/2001, you wrote:
looks like I didn't notice that SSH seems to be really commercial now. Is this right? Do I need to pay for it if I am still using it?
There are some exceptions however these are not in the actual license as far as I know, they are PR releases on the ssh.com website. I wouldn't completely trust it. In any event future usage is in question (remember, ssh used to be "free", Tatu sure has changed).
Is OpenSSH a full-featured substitute for SSH? Are there major problems in configuration to expect if I try to deinstall SSH and go for OpenSSH?
Yes, actually many (myself included) would say that OpenSSH is better then SSH. OpenSSH for example has incorporated various security fixes in the older protocols that Commercial SSH has not, the reason for this is SSH communications wants to kill off the old protocols to sell more software.
Something else to note: OpenSSH has grabbed a huge amount of market share and is growing. I know many many people using OpenSSH. Most SSH related articles I have read (and written =) use OpenSSH as the example and typically only mention commercial ssh as a footnote. I do not actually know of any company/etc using commercial ssh (if you are I'd like to know so I can claim I know at least one =).
OK, I'm going to have to chime it here Kurt (Yup, I know I've been quiet for a while.. Lots of international flights tend to eat into your spare time) SSH does not have ALOT of extra features compared to Open SSH, but it does have a few. Especially for people who run Windows desktops. Things like seemless SFTP from windows is a big advantage for the more clueless users who are not likely to be happy using pscp from a command line for instance. Infact, the ability the SSH service to run "properly" on WinNT/W2K also is obviously a big advantage. (I would never recommend someone put OpenSSH+Cygwin on a prod NT box) It also looks like SSH 3.0 is about to be released with full PKI support, which will be very nice, and mean that it will go from being a usefull/secure replacement for telnet/rcp/ftp to a VERY USEFUL tool that can be integrated into a companies PKI policy. (I personally can't wait for this!!) So to answer you question, Yes, I know MANY sites that run commercial SSH on both windows and any possible version of Unix you can name. Unfortunately I can't name names, but they don't get any bigger. (Stock Exchanges, Banks, Insurance Companies, Government Departments, etc) Personally however, I use OpenSSH on all my Unix boxes :-) Cheers --- Nix - nix@susesecurity.com http://www.susesecurity.com
participants (1)
-
Nix