SSH Clients

Sam Smith S at
Fri Feb 22 11:31:00 GMT 2002

On Fri, 22 Feb 2002, Kevin O'Connor wrote:
> > On Fri, 22 Feb 2002, Kevin O'Connor wrote:
> > > Why would any one still be running SSH1. Implementations of SSH2 that
> > > fallback on SSH1 for clients that cannot connect using SSH2 should be
> > > removed from servers to prevent a known security hole.
> > >
> >
> > Wouldn't it just be easier to upgrade the server to a non-vulnerable
> > version?
> There is no such thing as a non-vulnerable version of SSH1 If there
> was the problem with fallback in SSH2 would not exist.

You may want to read the whole of the following thread in the ssh
list archives:


  Consulting: If You're Not Part of the Solution, There's Good Money to
      be Made in Prolonging the Problem.

More information about the Ukfreebsd mailing list