Greetings - While Sun ships SSH as part of Solaris now, I don't use it for a couple reasons...
First, Sun support is great. However, there are frequent revisions to OpenSSH. When time is of the essence, like immediately following the discovery of a weakness, OpenSSH is going to be patched almost immediately. With all due respect to Sun, I don't think they can possibly be as responsive. Second, when you connect to a Sun supplied sshd (try "telnet host 22"), it identifies itself as "SSH-2.0-Sun_SSH_1.1". Sorry, but I don't want any of my machines identifying what OS they are running - especially if they are accessible from the Net. (I'm aware that certain peculiarities of TCP stack behavior can also tell a smart hacker what OS is being run, I just don't like advertising.) Building OpenSSH is fairly easy and it's worth the trouble for my piece of mind. I wonder how other admins feel about this... I believe the latest stuff is OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005. Get the components you need at http://www.openssh.org, http://www.openssl.org, http://www.zlib.org. Best regards, mikebo This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list [email protected]
