heasley <heas at shrubbery.net> writes:> Dag-Erling Sm?rgrav <des at des.no> writes: > > FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 > > and 12 do not, and neither does the openssh-portable port. I'm > > afraid you will have to find some other SSH client. > That is sad;You know what would be even sadder? If the OpenSSH developers had to continue to devote significant resources to maintaining a rat's nest of legacy code so 0.0001% of their users could continue to use an obsolete protocol to connect to obsolete equipment, instead of devoting those same resources to developing new features and improving existing ones. Especially when those users have plenty of alternatives to choose from, including but not limited to security/putty. DES -- Dag-Erling Sm?rgrav - des at des.no
Tue, Jan 31, 2017 at 01:24:29PM +0100, Dag-Erling Sm?rgrav:> heasley <heas at shrubbery.net> writes: > > Dag-Erling Sm?rgrav <des at des.no> writes: > > > FreeBSD 10 supports SSHv1 and will continue to do so. FreeBSD 11 > > > and 12 do not, and neither does the openssh-portable port. I'm > > > afraid you will have to find some other SSH client. > > That is sad; > > You know what would be even sadder? If the OpenSSH developers had to > continue to devote significant resources to maintaining a rat's nest of > legacy code so 0.0001% of their users could continue to use an obsolete > protocol to connect to obsolete equipment, instead of devoting those > same resources to developing new features and improving existing ones. > Especially when those users have plenty of alternatives to choose from, > including but not limited to security/putty.I was not suggesting that openssl maintain their apparently messy code; they're maintaining it already, for whatever the remaining period is. i'm suggesting a port with a v1 client; that is built with all the other binary ports for abi changes and whatever else is reasonable. yes, i can build my own, but i feel it should be a port. I appreciate the putty suggestion, but it appears to be graphical only. Happy to have it pointed-out that I've missed a port having v1. i also understand the devote position of buy new equipment to advance security; its simply not going to happen anytime soon. and i'm not alone. i'm not rich, i don't crontrol depreciation schedules, etc etc.
heasley <heas at shrubbery.net> writes:> Dag-Erling Sm?rgrav <des at des.no> writes: > > You know what would be even sadder? If the OpenSSH developers had > > to continue to devote significant resources to maintaining a rat's > > nest of legacy code [...] > I was not suggesting that openssl maintain their apparently messy > code; they're maintaining it already, for whatever the remaining > period is.The legacy code I'm referring to is code they inherited from Tatu Yl?nen and have worked diligently to improve over the last 15 years. But SSH1 is a shitty protocol and too different from SSH2 to be easily integrated into a single framework. There really isn't much point in expending any more effort on it.> i'm suggesting a port with a v1 client; that is built with all the other > binary ports for abi changes and whatever else is reasonable. yes, i > can build my own, but i feel it should be a port.You mean like net/tcpdump398, which was forked from net/tcpdump because some people liked its output format better than that of tcpdump 4, and then forgotten, and is known to have dozens of security vulnerabilities? DES -- Dag-Erling Sm?rgrav - des at des.no