On Tue, 31 Jul 2001, Charles Sprickman wrote:
On Tue, 31 Jul 2001, Kevin Steves wrote:
On Tue, 31 Jul 2001, Charles Sprickman wrote: :6) Finding a unix ssh that supports 3DES and DES.
DES(not 3DES) is a compile time option for SSH1 (default is not to support DES) Try to convince to person in charge of SSH that even SSH1+DES while weak is much better than cleartext tel-net .... - Rafi
: :I curse those OpenSSH folks for making me have to trudge through the code :to find out how to get DES working...
DES is supported in openssh for protocol 1 in the client with ssh -c des.
Ooops. The FreeBSD port I built from is trailing a bit:
spork@tiny[~]$ ssh -V SSH Version OpenSSH_2.2.0, protocol versions 1.5/2.0.
And:
spork@tiny[~]$ ssh -c des 216.223.x.x Unknown cipher type 'des'
However it appears newer versions include it, but warn you:
oscar[/var/spool/tftp/ios]# ssh -c des -l foo 216.223.x.x Warning: use of DES is strongly discouraged due to cryptographic weaknesses foo@216.223.x.x's password:
Sorry for the noise,
Charles
also, does anyone curse cisco for refusing to support ssh protocol 2? they have much more resources than the openssh team.