Re: SSH-1.5-OpenSSH-1.2.3 of debian 2.2 is secure?

To: "Jürgen A. Erhard" <juergen.erhard@gmx.net>
Cc: debian-security@lists.debian.org
Subject: Re: SSH-1.5-OpenSSH-1.2.3 of debian 2.2 is secure?
From: Tollef Fog Heen <tollef@add.no>
Date: 05 May 2001 13:06:55 +0200
Message-id: <874rv0uka8.fsf@arabella.intern.opera.no>
In-reply-to: <05052001.1@wanderer.local.jae.ddns.org>
References: <Pine.LNX.4.21.0105041414580.25480-100000@SD4> <05052001.1@wanderer.local.jae.ddns.org>

* "Jürgen A. Erhard" 

| I'd see this as: non-ssl telnet is no lock.  SSH1 is 1 lock.  SSH2 is
| also 1 lock, but a much better (and more expensive) one.  ;-)

Well, you have Kerberos, you have SRP.  Both non-SSL, but still as
strong as SSH or better.  And you have OTP which protects the password
(but not the data).

-- 

Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.

Reply to:

References:
- Re: SSH-1.5-OpenSSH-1.2.3 of debian 2.2 is secure?
  - From: Debian Lists <debian@sdmud.org>
- Re: SSH-1.5-OpenSSH-1.2.3 of debian 2.2 is secure?
  - From: "Jürgen A. Erhard" <juergen.erhard@gmx.net>

Prev by Date: Re: Package/Mirror integrity?
Next by Date: Re: Package/Mirror integrity?
Previous by thread: Re: SSH-1.5-OpenSSH-1.2.3 of debian 2.2 is secure?
Next by thread: Package/Mirror integrity?
Index(es):
- Date
- Thread