From mboxrd@z Thu Jan 1 00:00:00 1970
Message-Id: <59AEA692-E5E9-41BE-8B91-BD0595B8598B@storytotell.org>
From: Daniel Lyons
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
In-Reply-To: <9ab217670908130813t3e844c59xed3a9e929ff6bd37@mail.gmail.com>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; delsp=yes
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v936)
Date: Thu, 13 Aug 2009 11:45:10 -0600
References: <7d3530220908110937u5531ebb2x694612602c8d4a3b@mail.gmail.com>
 <4ecada1e0908130213u4ba7b10p1a2d85d803294e25@mail.gmail.com>
 <20090813104725.2f1dceaf.eekee57@fastmail.fm>
 <3e1162e60908130753r6c138522uceee17f049ba288f@mail.gmail.com>
 <9ab217670908130813t3e844c59xed3a9e929ff6bd37@mail.gmail.com>
Subject: Re: [9fans] Plan 9 hg with private repositories
Topicbox-Message-UUID: 47336a1a-ead5-11e9-9d60-3106f5b1d025

On Aug 13, 2009, at 9:13 AM, Devon H. O'Dell wrote:

> If I'm recalling correctly, SSHv1 is insecure only if the remote server is
> untrusted. Or am I not recalling correctly?

I believe you're correct and that server fingerprinting was introduced in v2. I asked some friends of mine about it and they said the principal issue is that it uses CRC for the packet checksum, which makes it not particularly hard for a third party to inject packets into your connection. Also, there are theoretical attacks that allow the session key to be recovered. One of my friends also said it only supported 3DES, but I'm not convinced that's a cryptological weakness in and of itself, nor that designing a new protocol with plug 'n play crypto is genius either, since I think a lot of the complexity in SSH v2 comes from its configurability, the effect that has on connection setup, as well as silly optional features like connection sharing and whatnot. (I use that silly feature all the time but I don't think I would have offered to build it into the protocol.)
— Daniel Lyons
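
An added illustration, not part of the message above or of the thread, of the property behind the CRC remark: CRC-32 is unkeyed and affine over XOR, so a valid check value for a changed message can be derived without reading the message, whereas a keyed MAC tag cannot. It uses Python's `zlib.crc32` and HMAC-SHA-256 on constructed sample bytes; the helper names are hypothetical and it does not model the SSH-1 packet format or its encryption.

```python
import hashlib
import hmac
import zlib


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def check_value(msg: bytes) -> int:
    """Unkeyed integrity check: plain CRC-32 of the message."""
    return zlib.crc32(msg)


def crc_after_xor(old_crc: int, delta: bytes) -> int:
    """CRC-32 of (message XOR delta), computed without seeing the message.

    CRC-32 is affine: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros of same length).
    """
    return old_crc ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))


def crc_ok(msg: bytes, check: int) -> bool:
    return zlib.crc32(msg) == check


def mac_ok(key: bytes, msg: bytes, tag: bytes) -> bool:
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    key = b"constructed-demo-key"        # constructed sample key
    msg = b"amount=0100"                 # constructed sample message
    modified = b"amount=0900"            # same length, one digit changed
    delta = xor_bytes(msg, modified)     # the change, expressed as an XOR mask

    # Only the old check value and the mask are used here, never msg or key.
    updated_check = crc_after_xor(check_value(msg), delta)
    tag = hmac.new(key, msg, hashlib.sha256).digest()
    return {
        "crc_accepts_modified": crc_ok(modified, updated_check),
        "mac_accepts_original": mac_ok(key, msg, tag),
        "mac_accepts_modified": mac_ok(key, modified, tag),
    }


if __name__ == "__main__":
    print(demo())
```

The receiver's CRC check passes on the changed bytes, while the HMAC tag computed over the original message no longer verifies, which is the reason later protocols authenticate packets with a keyed MAC.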