Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
RE: [suse-security] ssh, kernel updates
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Thu, 15 Feb 2001 00:22:05 +0100 (MET)
  • Message-id: <Pine.LNX.4.30.0102150011140.20470-100000@xxxxxxxxxxxx>
>
> I agree completely with this. I see no reason to run a restrictive
> commercial program on a OS that is Free Software especially when there is a
> Free/Open alternative that works really well.

Good point.

> I'm using OpenSSH 2.3.0p1. It works really well for me. I've experienced
> no problems whatsoever. Earlier releases of OpenSSH did have a tendence to
> crash but things change rapidly especially in open source software.
>
> I'd like to see a response to Roman's comment about OpenSSH lacking
> functionality and stability.


I think I will have to give it another try. I was running backups (tar
through an ssh stdio connection) through openssh, the version we had
before 2.3.0p1 (don't remember it), and with two machines it crashed every
once in a while. But as you said, things change rapidly in the open source
community. Which makes me glad that I work with it.

A brief question: Has anybody seen any problems like crashes, terminated
connections or anything alike after some weeks of permanent connection, a
few hundred megs running through it with all kinds of data, with thousands
of connection forward attempts (both X11 as well as tcp ports) or
anything like that with the latest openssh versions?

> Frankly, SSH1 worries me. It seems inherently insecure and is featured on
> Bugtraq about as often as wuftpd - Exploit of the Month Club. ;)

I disagree with that. There have been some problems, but others did, too.
Two incidents in two years don't make a good statistics yet. The ssh code
reads very cleanly, and in many corners you can see that it has been
writen thoughtfully and with security in mind.

> M

Btw, Holger van Lengerich notified me that the URLs do not match.

Please change ftp.suse.com to read ftp.suse.de. The ssh updates are on the
German side of the world because of licensing and weapons export issues.
:-) The sums match, though.
Thanks for the note, Holger.

Later...
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| N├╝rnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -



< Previous Next >
Follow Ups
References