From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <1405811987.22941.YahooMailBasic@web184705.mail.ne1.yahoo.com> Date: Sat, 19 Jul 2014 16:19:47 -0700 From: "Brian L. Stuart" To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> In-Reply-To: <20140719180021.Horde.3AeyD8uom6rwQgD19QLi2A1@ssl.eumx.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [9fans] Plan9 Sources Repository Topicbox-Message-UUID: 07287cfe-ead9-11e9-9d60-3106f5b1d025 >=A0 =A0 =A0=A0=A0- having an SSH2 server (there is one in 9atom, but I di= dn't=A0=20 > see it in the stock Plan9). Geoff included the same ssh implementation as 9atom has in /sys/src/cmd/ssh2 but with some code clean-up. So the server code is there. I've been meaning to go back an reconcile the two different versions, including some bug fixes in the 9atom version, but my supply of round tuits is small. > Are you sure it doesn't have the Heartbleed? =20 For a number of reasons, yes, I am. The Plan 9 ssh v2 implementation is completely new and doesn't share any code with either OpenSSH or OpenSSL. That decision was made for a lot of reasons, one of which was to make the system less susceptible to the script kiddies. While I certainly don't have the hubris to suggest it is without flaws, I'm pretty sure its flaws are different than those of the mainstream implementations. So one is unlikely to get very far using a mainstream exploit. Having said all that, I would not recommend running an SSH server on Plan 9, unless you have a really compelling reason. With all due respect to those who developed the protocol, its authentication model is not, in my opinion, as solid as that of Plan 9. If you want to remotely "log into" a Plan 9 system from a foreign system, use drawterm, or cpu from a virtualized Plan 9 terminal. BLS