Thanks Jacob -- what you wrote about v1/v2 issues as well as ssh-keygen options, as well as the 2.9.x problem, as well as the compatibility with already trustes hosts at upgrades, are good pointers and will keep me busy(and quiet) for the near future ....... Horst
On Tue, 12 Feb 2002, Jacob Meuser wrote: > On Mon, Feb 11, 2002 at 09:59:01PM -0800, Horst wrote: > > My box: Mkd 8.1 ; sshd version OpenSSH_2.9p2: ...> > Just curious, which version of ssh do the RH 6.1 boxen run? > Are these boxen set up for ssh v2? MUCH OLDER (and not OpenSSH) ========================== [admin@mercury admin]$ ssh -V ssh: F-Secure-SSH-2.1.0 dss > > OpenSSH 3.0.2 is the latest stable release. > > http://www.kb.cert.org/vuls/id/655259 > http://www.openbsd.org/advisories/ssh_option.txt > http://www.kb.cert.org/vuls/id/157447 > > http://www.monkey.org/~provos/scanssh/ ...> ...> > What options did you use with ssh-keygen? OpenSSH 2.9 uses ssh v2 by > default. To make a ssh v2 key, use 'ssh-keygen -t dsa ...', or > 'ssh-keygen -t rsa ...'. OpenSSH 2.5.x uses ssh v1 by default; you have > created an ssh v1 key. You can force v1 with 'ssh -1 ...', or ssh v2 > with 'ssh -2 ...'. > > Also note that if you were only allowing login over ssh with keys ("A > Good Thing", BTW), then creating new keys will make it prety hard to > login, but you prolly knew that. > > Hope this helps some. > > -- > <[EMAIL PROTECTED]> >
