It seems to me you have the OPENSSH implementation of SSH. The SSH that is
being talked about in this thread is the "commercial" version of SSH.
Distinct difference :)
Microsoft: "Where would you like to go to today"
Linux: "Where would you like to go tomorrow"
FreeBSD: "Hey, when are you guys going to catch up"
> -----Original Message-----
> From: Scott Bigham [mailto:email@example.com]
> Sent: Friday, February 09, 2001 10:09
> To: firstname.lastname@example.org
> Subject: Re: SSH
> On Feb 9, 2001, Christian Hammers wrote:
> > The ssh package at non-us.debian.org is
> What worries me is, the version of ssh on my machine is listed as:
> ii ssh 2.1.1p4-2 Secure rlogin/rsh/rcp
> replacement (OpenSSH)
> which doesn't correspond to either the 2.3.0p1-1.11
> package in unstable
> or the 1.2.3-9.1 package in stable and testing -- or, for
> that matter,
> to the 1.2.3-9 version that (IIRC) was listed as the
> vulnerable version
> in the alert. And even with security.debian.org in my
> 'apt-get update; apt-get install ssh' insists that I have
> the latest
> version. Am I vulnerable? If so, what do I need to
> upgrade to, and
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact