On Fri, 07 Jul 2000, Paul Lussier <[EMAIL PROTECTED]> wrote:
>
> It's not so much the patent issue with ssh, it's that they use the RSARef
> libs, which have a big, wide, gaping security hole in them. OpenSSH doesn't,
> and is fully interoperable.
Please note that ssh does *not* use RSAREF by default, it uses its own
internal implementation. You have to turn RSAREF on during configure
with --with-rsaref
The ssh readme's are pretty negative about rsaref, and it appears you have
to go and get the rsaref package separately. I've never seen a ssh/sshd
compiled using RSAREF, but I imagine some are out there.
Karl Runge
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
