On 2017-Jan-30 19:52:26 +0000, heasley <heas at shrubbery.net>
wrote:>Mon, Jan 30, 2017 at 01:57:32PM +0100, Dag-Erling Sm?rgrav:
>> heasley <heas at shrubbery.net> writes:
>> > So, what is the BCP to support a v1 client for outbound
connections on fbsd
>> > 11? Hopefully one that I do not need to maintain by building a
special ssh
>> > from ports. Is there a pkg that I'm missing?
>>
>> FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 and
12
>> do not, and neither does the openssh-portable port. I'm afraid you
will
>> have to find some other SSH client.
>
>That is sad; I doubt that I am the only one who would need this - there
>are millions of Cisco, HP, and etc network devices that folks must continue
>to access but will never receive new firmware with sshv2. It takes a long
>time for some equipment to transition to the recycle bin - even after
>vendor EOLs.
I firmly support the removal of SSHv1 from FreeBSD base. OTOH, I realise
that there may be reasons why old equipment is retained far longer than
desirable and agree that SSHv1 has some benefits over TELNET.
My suggestion is that someone? who has a pressing need for a SSHv1 client
creates a net/ssh1 port (ie not in the "security" category) that
installs a
client (only) that supports SSHv1 only, and comes with a big red flashing
"DANGER: INSECURE, DO NOT USE UNLESS YOU KNOW WHAT YOU ARE DOING"
warning.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-security/attachments/20170202/8b84579e/attachment.sig>