SH2 is supposed to be more secure. Stability, not sure about. However, one thing to think about... someone can load the local "exploit" dsniff on your machine. This makes ssh1 look as cleartext as telnet. Fortunately, it hasn't been done for ssh2 yet. Personally, I like using RSA keys. Make sure to disable xauth, that's another security risk... etc, etc.
On Fri, Feb 09, 2001 at 04:17:54PM +0100, Jonas Carlsson wrote:
> Christian Hammers wrote:
> > On Fri, Feb 09, 2001 at 03:28:11PM +0100, Jonas Carlsson wrote:
> > > Why does Debian only have SSH-1 not SSH-2 ?
> > It does not.
> > The ssh package at non-us.debian.org is ssh_2.3.0p1-1.11_i386.deb
> I have non-us.debian.org in my list.
> deb http://non-us.debian.org/debian-non-US potato/non-US main contrib
> Maybe ssh_2.3.0 exist in unstable ?
> Do I gain something in security if I install SSH-2 ?
> What is the difference between 1 and 2 ?
> // Jonas C
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
- Re: SSH
- From: Ethan Benson <email@example.com>