OpenSSH Going Strong After 10 Years With Release of v5.3 249
An anonymous reader writes "OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions. Version 5.3 marks the 10th anniversary of the OpenSSH project."
I know I'm not alone in this... (Score:5, Insightful)
Thank you to everyone that's worked on OpenSSH over its lifetime - it's certainly made my (working) life easier.
And, unlike the Slashdot submission system, OpenSSH pretty much always works!
And best of all... (Score:3, Insightful)
Thanks OpenBSD (Score:5, Insightful)
For the rest as well.
How was life possible without it? (Score:5, Insightful)
To think we used to use telnet and rlogin to access everything.
OpenSSH is a far more significant technology than it has gotten credit for.
10 years of fear reading sec lists (Score:5, Insightful)
No matter the OS, no matter the exploit, that name alone in the title of an email to bugtraq can send shivers down the spine.
Re:How was life possible without it? (Score:3, Insightful)
Except OpenSSH really shouldn't get the credit. Tatu Ylönen created ssh, not OpenBSD. The original OpenSSH implementation was based on Tatu's code. I'm not arguing that OpenSSH isn't useful, or that they haven't done good work, but it is not the origin of the technology.
Is OpenSSH still speed limited? (Score:2, Insightful)
To the best (Score:4, Insightful)
Re:Thanks OpenBSD (Score:3, Insightful)
Re:I know I'm not alone in this... (Score:3, Insightful)
Slashdot is a news site. We don't need to be notified every time something exists for 10 years. Unless this "encrypting traffic" thing is new in OpenSSH v5.3
It's not new to OpenSSH but OpenBSD's default disabling of telnet (when everyone used it) and pushing OpenSSH helped make secure connections the standard.
Re:How was life possible without it? (Score:3, Insightful)
Just a suggestion, but maybe you should wear underwear... Of course, there are situations where you have to zip-and-dash, like when your girlfriend's husband walks in, unannounced - the nerve... - but, generally, I've found that the judicious use of Underoos helps prevent biting zip-ups.
Comment removed (Score:3, Insightful)
Re:License (Score:4, Insightful)
I do believe that you've entirely missed the point of that paragraph. They still wouldn't have to pay a dime. As in, who cares if they would have to offer the source to something where the source is already available.
The GPL is not the godsend that many people believe it to be. In fact, if looking at current (and past) business practice is any indication, the GPL would have actually hindered OpenSSH's adoption, not promoted it. Businesses really hate that viral open source thing in the GPL regardless of whether there code actually touches the GPL'd code. Just not worth the risk for many (most?).
Re:Thanks OpenBSD (Score:4, Insightful)
Theo de Raadt is not all powerful. The project is stagnating now in some areas in spite of him being the leader. However nobody can deny he and his team are some of the best programmers around.
OpenBSD source code is the best I have ever seen and the first thing I do on any new Linux installation is to install OpenBSD tools.
Really if someone is reading this and wants to flee the Linux gulag, OpenBSD is a system to check. It is not the fastest, it is not the smallest, but it is the most secure and consistent.
Re:License (Score:5, Insightful)
Not wanting to troll but, you know, if openssh was GPL licensed said commercial vendors would have to release the source for openssh with their products, including any modifications they made. The project could also offer LGPL or BSD licensed versions in exchange for cold, hard, cash.
Instead they do the noble thing and release their hard work without strings attached. They understand the alternatives but actively choose to stick with a license that doesn't childishly punish those who cannot or won't return the favor. They do what they do not to "stick it" to corporations but rather because they love to code and love when their code is used to improve peoples' lives. They even love it when somebody is able to take what they've done and build off of it or incorporate it into a product. It's a matter of love, and love must be given without strings and viral conditions. It's true charity, and charity is for the giver as much as the receiver. It's the BSD philosophy, and it's not often understand by the GNU herd. But that's okay, because the software we write is for them, too. And we love it even if they don't understand why.
Thanks OpenBSD. You're awesome. I hope a lot of people today make good use of this link [openssh.com].
Re:License (Score:4, Insightful)
Meh, check out Theo's wikiquote [wikiquote.org] page:
"So the HP guy comes up to me (at the Melbourne conference) and he says, 'If you say nasty things like that to vendors you're not going to get anything'. I said 'no, in eight years of saying nothing, we've got nothing, and I'm going to start saying nasty things, in the hope that some of these vendors will start giving me money so I'll shut up'."
Doesn't sound much like "love" or "charity" to me. Sounds to me like a man that's tried of giving and giving and giving and never getting anything back, yet refuses to acknowledge that as long as the license doesn't require anyone to give anything back, corporations don't. Their obligations are to the stockholders, not to fair dealings. Squeeze your costs as much as possible, get as much money as possible out of your customers, turn a big profit. That's what drives most companies all the time and all companies most of the time. Theo seems to be going by much the same drive as Linus, he wants to do this "right", he wants to make the best possible product. But unlike Linus, he hasn't gotten everyone else on board.
It's possible what is in OpenBSD is better, per se. But compared to Linux it's like an obscure niche site compared to wikipedia, it's where everyone contributes and it's huge, hard to manage but ends up being so much more useful. You got people working on Linux to make it run better on everything from cell phones to supercomputers. You got people working on getting all sorts of wierd hardware work. You got people working on desktop responsiveness and heavy server workloads. You got all sorts of research work, build farms and regression tests being run all over the place. OpenSSH may be a polished gem, but it's only the front door lock. But for everything else if you're relying on the masses to develop your OS, I'm going where the masses are. That is in no small part the license, though I know there's also other reasons...
Re:Thanks OpenBSD (Score:3, Insightful)
That would make the connection unencrypted during the authentication, and would need to be manually enabled on all sites where you would use it. Not that it matters, it would be an anti-feature anyway.
Re:Thanks OpenBSD (Score:1, Insightful)
Now if the OpenBSD project would just start doing something with the clean-room reverse engineered binary blobs for wireless cards that we've been sending them for the past three years...
Great firewalls, great routers, good servers, but crap for everything else.