|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Brett Glass (brett
lariat.org)Date: Mon Jul 01 2002 - 22:08:35 CDT
Garrett, I agree with you. I have wiped the base install from
every machine I administer and built OpenSSH-portable 3.4 instead.
I've also turned off ChallengeResponseAuthentication on many
machines, as well as protocol version 2 on machines where it's
not needed. (SSH 1.5 is *slightly* less secure against man-in-the-
middle attacks than 2, but not enough to matter -- and all of the
recent holes have been in SSH 2.)
--Brett
At 12:50 PM 7/1/2002, Garrett Wollman wrote:
>I don't care about the base-install ssh. Personally, I'd rather it
>didn't exist, and I think admins who install it need to have their
>heads checked. So there!
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]