Re: Does ssh support nonRSA PKC?
On Sat, Mar 11, 2000 at 03:10:12PM -0500, John Dalbec wrote:
> > all patent-encumbered algorithms removed (to external libraries), all
> ^^^=libssl09
> /usr/doc/libssl09/copyright:
> This version of openssl is NOT linked againts RSAREF, so it can not be
> used in the US without violating the RSA patent.
>
> The man page suggests that RSA is the only available public-key method:
>
> Note that by default sshd(8) will be installed so
> that it requires successful RSA host authentica-
> tion before permitting .rhosts authentication.
> --
> file, login is automatically permitted provided
> client and server user names are the same. Addi-
> tionally, successful RSA host authentication is
> normally required. This file should only be
> writable by root.
> --
>
> libcrypto.so.X.1 A version of this library which includes support
> for the RSA algorithm is required for proper op-
> eration.
>
> I suppose it won't hurt to use telnet for another 6 months.
> John
Thanks for the correction.
Depends, that's a risk mitigation question:
- What is your risk of being found to be infringing the RSA patents?
What is the maximum liability which could be incurred? Probability
of occurance?
- What is the risk of being hacked or compromised via telnet? What is
the maximum downside? Probability of occurance?
As I've been reminded lately, being an adult means making choices.
Sometimes it's between alternate evils.
--
Karsten M. Self (kmself@ix.netcom.com)
What part of "Gestalt" don't you understand?
Scope out Scoop: http://scoop.kuro5hin.org/
Nothin' rusty about Kuro5hin: http://www.kuro5hin.org/
Reply to: