SSH

SSH

[Fabien.LIOU]

Hi,

Can you explain me what are the differences between ssh-3.X and OpenSSH-3.X
?

I would like to have the same distribution installed in Linux boxes and
Solaris boxes.

What is the best package ?

Thanks

Fabien

Re: SSH

[David Jackson]

Fabien.LIOU@fr.thalesgroup.com wrote:

> Hi,
>
> Can you explain me what are the differences between ssh-3.X and OpenSSH-3.X

Openssh is Open Source, free to use, and most important is being activily
maintained
ssh (if  your are referring to the commerical product), closed source and cost
you money ?

As far as Solaris, the package provide by Sun is OpenSSH but besure and check
the version.

David

Re: SSH

[Michael H. Warfield]

On Tue, Jul 09, 2002 at 10:54:45AM -0600, David Jackson wrote:


> Fabien.LIOU@fr.thalesgroup.com wrote:

> > Hi,

> > Can you explain me what are the differences between ssh-3.X and OpenSSH-3.X

> Openssh is Open Source, free to use, and most important is being activily
> maintained
> ssh (if  your are referring to the commerical product), closed source and cost
> you money ?

	Half right...  Well...  Maybe 1/3 right.

	Ssh from SSH Communications is not "closed source".  The source
is completely available.  It may not meet the licensing requirements of
OSI for the "Open Source" branding, but it is not closed source.  You can
download the source from their web site and build it on your system
if you so desire, right now.

	It is also free for non-commercial use.  The "non-commercial"
aspect has gotten a lot stricter since the very loose definition days
of SSH 1.x, but it still is free for non-commercial use.

	OpenSSH incorporates both SSH version 1 and SSH version 2 in
a single client (server) binary.  Commercial SSH only incorporates
the version 2 protocol unless you install the older SSH1 package
(which they no longer officially support) FIRST.  Even then, there
are latency issues and protocol startup issues if you need to support
SSH1.

	All that being said, OpenSSH is still definitely the way to go.
Definitely Open Source (BSD License) and definitely free for both
non-commercial and commercial uses, plus supporting both major versions
of the SSH protocol (actually 3 versions of the protocol, two minor revisions
of the version 1 protocol plus the version 2 protocol).

> As far as Solaris, the package provide by Sun is OpenSSH but besure and check
> the version.

	DEFINITELY check the OpenSSH version.  Versions prior to 3.4p1
(that's 3.4 Portable 1, not 3.4 patch 1) with either BSDAuth, S/Key,
or PAM enabled are vulnerable to a serious remote execution security hole.
BSDAuth and S/Key are not commonly compiled in (other that on OpenBSD and
a few odd others) but PAM potentially is.  IAC...  The safest thing is
to be on 3.4p1.

> David

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

SSH

[alexander.lopata]

It seems that sshd does not see authorized_keys file in my home folder.
What I've done is put my openSSH public key in %h/.ssh/authorized_keys  
and configure my ssh client to use corresponding private key. But SSH 
still ask password. What can be wrong ?

Re: SSH

[Helmut Djurkin]

$HOME/.ssh/ should not be accessible by others
try 'chmod go-rwx $HOME/.ssh -R'

alexander.lopata schrieb:
> It seems that sshd does not see authorized_keys file in my home folder.
> What I've done is put my openSSH public key in 
> %h/.ssh/authorized_keys  and configure my ssh client to use 
> corresponding private key. But SSH still ask password. What can be 
> wrong ?
>
> -- 
> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Re: SSH

[Chamith Kumarage]

Hi Alexander,

Check the permissions of authorized_keys file at server end and and %
h/.ssh at client end. Depending on the OpenSSH version, check for the
availability of authorized_keys2 file.

Thanks,

~Chamith

-  
*** There's no place like ${HOME} ***


On Sun, 2008-07-13 at 03:14 +0300, alexander.lopata wrote:
> It seems that sshd does not see authorized_keys file in my home folder.
> What I've done is put my openSSH public key in %h/.ssh/authorized_keys  
> and configure my ssh client to use corresponding private key. But SSH 
> still ask password. What can be wrong ?
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html