5 Oct
2000
5 Oct
'00
11:49 a.m.
Having read the rest of the thread, I see that this was already covered. My apologies for the twice wasted bandwidth. -- Joseph W. Shaw - jshaw@insync.net Computer Security Consultant and Programmer Free UNIX advocate and all around nice guy. On Thu, 5 Oct 2000, Joe Shaw wrote:
No, he's not confused. Supposedly, using any algorithm other than 3DES with SSH1 can set you up for some type of stream insertion attack. I've never seen it personally, but supposedly the threat does exist.
Furthermore, OpenSSH supports ssh2 and is free, in both the free beer and the free speech way. The BSD license is cool like that.
-- Joseph W. Shaw - jshaw@insync.net