Re: fbsd11 & sshv1

2017-02-03 Thread Garance A Drosehn
On 3 Feb 2017, at 12:04, heasley wrote: > Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith: >> Nobody 'forbids' you from making such a port, for your own use and/or >> for others. See Peter Jeremy's suggestion re where it might be placed >> and what sort of dire warnings it ought to announce; I e

Re: fbsd11 & sshv1

2017-02-03 Thread John Baldwin
On Friday, February 03, 2017 05:04:52 PM heasley wrote: > Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith: > > Nobody 'forbids' you from making such a port, for your own use and/or > > for others. See Peter Jeremy's suggestion re where it might be placed > > and what sort of dire warnings it ou

Re: fbsd11 & sshv1

2017-02-03 Thread heasley
Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith: > Nobody 'forbids' you from making such a port, for your own use and/or > for others. See Peter Jeremy's suggestion re where it might be placed > and what sort of dire warnings it ought to announce; I expect SO and > ports secteam would insist o

Re: fbsd11 & sshv1

2017-02-02 Thread Ian Smith
On Fri, 3 Feb 2017 00:53:31 +, heasley wrote: > Wed, Feb 01, 2017 at 11:15:10AM +0100, Dag-Erling Smørgrav: > > > i'm suggesting a port with a v1 client; that is built with all the other > > > binary ports for abi changes and whatever else is reasonable. yes, i > > > can build my own, but

Re: fbsd11 & sshv1

2017-02-02 Thread heasley
Tue, Jan 31, 2017 at 04:41:27PM -0500, Michael Toth: > There is a non-graphical port of putty (putty-nogtk) which installs plink That seems usable. thanks

Re: fbsd11 & sshv1

2017-02-02 Thread heasley
Wed, Feb 01, 2017 at 11:15:10AM +0100, Dag-Erling Smørgrav: > > i'm suggesting a port with a v1 client; that is built with all the other > > binary ports for abi changes and whatever else is reasonable. yes, i > > can build my own, but i feel it should be a port. > > You mean like net/tcpdump398,

Re: fbsd11 & sshv1

2017-02-01 Thread Peter Jeremy
On 2017-Jan-30 19:52:26 +, heasley wrote: >Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: >> heasley writes: >> > So, what is the BCP to support a v1 client for outbound connections on fbsd >> > 11? Hopefully one that I do not need to maintain by building a special ssh >> > from

Re: fbsd11 & sshv1

2017-02-01 Thread Brett Glass
At 05:11 AM 2/1/2017, Piotr Kubaj via freebsd-security wrote: We shouldn't forbid people to shoot themselves in their heads. If someone needs it, they should get, especially since it won't require much maintenance. Just repocopy the port and mark as deprecated and vulnerable next time there's

Re: fbsd11 & sshv1

2017-02-01 Thread Slawa Olhovchenkov
On Wed, Feb 01, 2017 at 05:31:28AM -0800, Roger Marquis wrote: > > I believe FreeBSD should just have a slave port with OpenSSH 7.4, used only > > for SSHv1. People using such port should know the consequences of it. > > This could be a good candidate for a new ports category, > >/usr/ports/

Re: fbsd11 & sshv1

2017-02-01 Thread Roger Marquis
I believe FreeBSD should just have a slave port with OpenSSH 7.4, used only for SSHv1. People using such port should know the consequences of it. This could be a good candidate for a new ports category, /usr/ports/legacy If implemented there is a lot of code, in both ports and base, that sho

Re: fbsd11 & sshv1

2017-02-01 Thread Piotr Kubaj via freebsd-security
> You mean like net/tcpdump398, which was forked from net/tcpdump because > some people liked its output format better than that of tcpdump 4, and > then forgotten, and is known to have dozens of security vulnerabilities? We shouldn't forbid people to shoot themselves in their heads. If someone ne

Re: fbsd11 & sshv1

2017-02-01 Thread Dag-Erling Smørgrav
heasley writes: > Dag-Erling Smørgrav writes: > > You know what would be even sadder? If the OpenSSH developers had > > to continue to devote significant resources to maintaining a rat's > > nest of legacy code [...] > I was not suggesting that openssl maintain their apparently messy > code; the

Re: fbsd11 & sshv1

2017-01-31 Thread Michael Toth
On 1/31/2017 3:17 PM, heasley wrote: Tue, Jan 31, 2017 at 01:24:29PM +0100, Dag-Erling Smørgrav: heasley writes: Dag-Erling Smørgrav writes: FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 and 12 do not, and neither does the openssh-portable port. I'm afraid you will have

Re: fbsd11 & sshv1

2017-01-31 Thread heasley
Tue, Jan 31, 2017 at 01:24:29PM +0100, Dag-Erling Smørgrav: > heasley writes: > > Dag-Erling Smørgrav writes: > > > FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 > > > and 12 do not, and neither does the openssh-portable port. I'm > > > afraid you will have to find some other

Re: fbsd11 & sshv1

2017-01-31 Thread Piotr Kubaj via freebsd-security
I believe FreeBSD should just have a slave port with OpenSSH 7.4, used only for SSHv1. People using such port should know the consequences of it. Debian does it too with https://packages.debian.org/stretch/openssh-client-ssh1

Re: fbsd11 & sshv1

2017-01-31 Thread Lars Engels
On Fri, Jan 27, 2017 at 05:30:17PM +, heasley wrote: > I do appreciate fbsd's and openssh's altruism with the removal of v1 support. > But, the fact is that there is equipment in the wild that does not support > v2 and never will and otherwise works perfectly fine, yet sshv1 is still a > better

Re: fbsd11 & sshv1

2017-01-31 Thread Heasley
On 30.01.2017 at 14:52, jungle Boogie wrote: > >> On 30 January 2017 at 14:24, heasley wrote: >> Mon, Jan 30, 2017 at 01:56:03PM -0800, jungle Boogie: On 30 January 2017 at 11:52, heasley wrote: Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: > heasley writes: >>

Re: fbsd11 & sshv1

2017-01-31 Thread Dag-Erling Smørgrav
heasley writes: > Dag-Erling Smørgrav writes: > > FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 > > and 12 do not, and neither does the openssh-portable port. I'm > > afraid you will have to find some other SSH client. > That is sad; You know what would be even sadder? If t

Re: fbsd11 & sshv1

2017-01-31 Thread Terje Elde
> On 30 Jan 2017, at 20:52, heasley wrote: > > That is sad; I doubt that I am the only one who would need this - there > are millions of Cisco, HP, and etc network devices that folks must continue > to access but will never receive new firmware with sshv2. It takes a long > time for some equipm

Re: fbsd11 & sshv1

2017-01-30 Thread jungle boogie
On 01/30/2017 09:36 PM, Heasley wrote: what's wrong with providing a 7.4+v1 port for everyone to use? What will happen when 7.4 gets a vulnerability, then? I don't think you or I will be patching it (or anyone else) and therefore, the port/pkg will be knowingly vulnerable. Why do we want that?

Re: fbsd11 & sshv1

2017-01-30 Thread heasley
Mon, Jan 30, 2017 at 01:56:03PM -0800, jungle Boogie: > On 30 January 2017 at 11:52, heasley wrote: > > Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: > >> heasley writes: > >> > So, what is the BCP to support a v1 client for outbound connections on > >> > fbsd > >> > 11? Hopefully

Re: fbsd11 & sshv1

2017-01-30 Thread jungle Boogie
On 30 January 2017 at 14:24, heasley wrote: > Mon, Jan 30, 2017 at 01:56:03PM -0800, jungle Boogie: >> On 30 January 2017 at 11:52, heasley wrote: >> > Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: >> >> heasley writes: >> >> > So, what is the BCP to support a v1 client for outboun

Re: fbsd11 & sshv1

2017-01-30 Thread jungle Boogie
On 30 January 2017 at 11:52, heasley wrote: > Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: >> heasley writes: >> > So, what is the BCP to support a v1 client for outbound connections on fbsd >> > 11? Hopefully one that I do not need to maintain by building a special ssh >> > from

Re: fbsd11 & sshv1

2017-01-30 Thread heasley
Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Smørgrav: > heasley writes: > > So, what is the BCP to support a v1 client for outbound connections on fbsd > > 11? Hopefully one that I do not need to maintain by building a special ssh > > from ports. Is there a pkg that I'm missing? > > FreeB

Re: fbsd11 & sshv1

2017-01-30 Thread Dag-Erling Smørgrav
heasley writes: > So, what is the BCP to support a v1 client for outbound connections on fbsd > 11? Hopefully one that I do not need to maintain by building a special ssh > from ports. Is there a pkg that I'm missing? FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 and 12 do n

fbsd11 & sshv1

2017-01-27 Thread heasley
I do appreciate fbsd's and openssh's altruism with the removal of v1 support. But, the fact is that there is equipment in the wild that does not support v2 and never will and otherwise works perfectly fine, yet sshv1 is still a better choice than telnet. So, what is the BCP to support a v1 client