OpenSSH Going Strong After 10 Years With Release of v5.3
An anonymous reader writes "OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions. Version 5.3 marks the 10th anniversary of the OpenSSH project."
I know I'm not alone in this... (Score:5, Insightful)
Thank you to everyone that's worked on OpenSSH over its lifetime - it's certainly made my (working) life easier.
And, unlike the Slashdot submission system, OpenSSH pretty much always works!
Re:I know I'm not alone in this... (Score:4, Informative)
Re: (Score:2)
I'd rather just donate the money directly to the project. I have enough nerdy t-shirts.
Re:I know I'm not alone in this... (Score:5, Funny)
Or donate some decent t-shirt designs. :/
Re:I know I'm not alone in this... (Score:5, Informative)
Re: (Score:2)
You noticed that too, huh?
I was going to make a "First Post - after 2 hours!" joke, but the submission error prevented me.
Congrats, OpenSSH team! I think anyone that has used linux has probably used SSH, intentionally or not!
Re: (Score:3, Insightful)
Slashdot is a news site. We don't need to be notified every time something exists for 10 years. Unless this "encrypting traffic" thing is new in OpenSSH v5.3
It's not new to OpenSSH but OpenBSD's default disabling of telnet (when everyone used it) and pushing OpenSSH helped make secure connections the standard.
Happy birthday OpenSSH (Score:3, Funny)
This wonderful versatile tool shaped the world of remote administration or the other way round.
Would you ?
1) Abandon SSH or OpenSSH
2) Lose an arm
3) I'm a snake
4) Telnet everywhere
5) I live in a data-center
Re: (Score:3, Funny)
3) I'm a snake
5) I live in a data-center
Huh?
Re: (Score:3, Funny)
I think something was lost in the translation in that post, French to English.
Re: (Score:2)
Has anyone really been far even as decided to use even go want to do look more like?
MEOW! MEOW! MEOW!
The Black Moon! Black! Cat!
Re: (Score:2)
My hovercraft is full of eels.
Re:Happy birthday OpenSSH (Score:5, Funny)
Step 4 ????
Step 5 Badger badger badger badger badger
Re: (Score:2)
6) My toad loves cheese
7) I live with two mimes, and I cannot scream
8) Lose a thumb, but only on Thursdays
9) I'm a wallaby. Mooo!
10) Unicorn. Love. Hate.
11) Understanding your Swede
Re: (Score:2)
12) Profit ?
Re: (Score:2)
And best of all... (Score:3, Insightful)
Thanks OpenBSD (Score:5, Insightful)
For the rest as well.
Re: (Score:3, Insightful)
Re:Thanks OpenBSD (Score:5, Interesting)
What is interesting is how secure and easy it is to use.
I use it with FUSE to mount my networked partitions. It involved no work, and the fact that it is secure is just a bonus since there is no noticeable speed loss for my transfers.
Re:Thanks OpenBSD (Score:4, Insightful)
Theo de Raadt is not all powerful. The project is stagnating now in some areas in spite of him being the leader. However nobody can deny he and his team are some of the best programmers around.
OpenBSD source code is the best I have ever seen and the first thing I do on any new Linux installation is to install OpenBSD tools.
Really if someone is reading this and wants to flee the Linux gulag, OpenBSD is a system to check. It is not the fastest, it is not the smallest, but it is the most secure and consistent.
Re:Thanks OpenBSD (Score:4, Informative)
I'd like to thank the OpenBSD project, as well, but I'd also like to point out a few issues.
OpenSSH still won't work with certificates signed by a CA.
OpenSSH doesn't allow an unencrypted connection (after authentication). Not all CPUs can encrypt/decrypt at 1Gbps.
OpenSSH doesn't work - as advertised - with an exclamation point in a "Match" statement.
Other than that, OpenSSH is possibly one of the most capable and reliable pieces of software I've ever had the privilege to use.
Re: (Score:3, Informative)
OpenSSH doesn't allow an unencrypted connection (after authentication). Not all CPUs can encrypt/decrypt at 1Gbps.
I believe there is a compile-time option to include a noop cipher as a run-time option, it's just not included by default.
Re: (Score:3, Insightful)
That would make the connection unencrypted during the authentication, and would need to be manually enabled on all sites where you would use it. Not that it matters, it would be an anti-feature anyway.
Re: (Score:3, Informative)
>Not all CPUs can encrypt/decrypt at 1Gbps.
FTPS does this. You can disable/enable encryption on the fly. I believe this functionality is disabled in FileZilla by default, but other servers support it.
Re:Thanks OpenBSD (Score:4, Interesting)
OpenSSH provides a lot more than just security. Sometimes I'd just like it to forward X over my LAN. In that case, encryption is completely unnecessary. Yeah, I could do it the old fashioned way, but it's been so long I've forgotten how.
How was life possible without it? (Score:5, Insightful)
To think we used to use telnet and rlogin to access everything.
OpenSSH is a far more significant technology than it has gotten credit for.
Re:How was life possible without it? (Score:4, Funny)
Same with zippers. What would life be like without zippers?
Re:How was life possible without it? (Score:4, Funny)
Same with zippers. What would life be like without zippers?
A lot more drafty?
Re:How was life possible without it? (Score:4, Funny)
What would life be like without zippers?
I'd have far fewer painful memories of getting wang-skin caught in them.
Re: (Score:3, Insightful)
Just a suggestion, but maybe you should wear underwear... Of course, there are situations where you have to zip-and-dash, like when your girlfriend's husband walks in, unannounced - the nerve... - but, generally, I've found that the judicious use of Underoos helps prevent biting zip-ups.
Re: (Score:2)
Same with zippers. What would life be like without zippers?
I have 4 pairs of Levi 501s, you insensitive clod!
(And one pair of 504s - endlessly and sometimes comically confusing, especially in crucial moments.)
Re:How was life possible without it? (Score:5, Funny)
I have a pair of 404s, but I can never find them.
Re:How was life possible without it? (Score:4, Funny)
I have a pair of 413s, but they are too big to fit me.
Re: (Score:3, Funny)
I have a pair of 404s, but I can never find them.
You can get as many 419s as you can handle from my colleague, until recently the Esteemed Excellency of Nigeria's Department of Overseas Resource Depletion, and now with a large number of undocumented 419s at his disposal. Please reply with banking details, home address and SIN, and all other useful information such as drivers license and credit card numbers.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
Except OpenSSH really shouldn't get the credit. Tatu Ylönen created ssh, not OpenBSD. The original OpenSSH implementation was based on Tatu's code. I'm not arguing that OpenSSH isn't useful, or that they haven't done good work, but it is not the origin of the technology.
Re:How was life possible without it? (Score:5, Informative)
Yes it was. But Tatu's SSH was the old, insecure protocol.
And there were many secure remote access tools before it. kerberized telnet, telnet/ftp over SSL, and limitless others.
It's not the magical protocol (which is quite similar to SSL plus RSH/RCP), or the initial few lines of code that got it started. It's the fact that it was open, secure, widely available, and being pushed by the OpenSSH folks to be used as the default form of remote access on Unix systems.
Tatu didn't have anything to do with it. He was too busy commercializing it, and repeatedly threatened, and then suing the OpenSSH project for all their hard work. If he had chosen to keep SSH open, we'd have been a LOT further along. As other posters correctly remember, support for SSH very nearly died with that step. Many programs included SSHv1 support, and then just stagnated and let the code rot. If not for OpenSSH, it would be another relic of secure telnet protocols tried and failed, not having gone anywhere, and we'd go merrily along, using telnet and rsh, bemoaning the fact that it's so insecure, and that nothing better ever came along.
Re:How was life possible without it? (Score:5, Interesting)
Version 2 of the SSH protocol was also developed by Tatu Ylönen and his company SSH Communications Security. It was just that when they made the new, improved protocol they also switched to a proprietary license with SSH v2. It took a couple of years before the OpenBSD folks had developed the open source SSH v1 code to the point where it supported all features of the SSH v2 protocol. The two implementations of v2 still aren't fully compatible on client-side stuff like key storage, but nowadays it is the proprietary SSH that is considered the odd one out.
I don't consider Tatu Ylönen here as a bad guy. What he has given to the world free of charge is 1) the SSH v1 protocol specification, 2) the SSH v1 open source implementation, and 3) the SSH v2 protocol specification. On top of that he has managed to make a living off of the SSH v2 code, and he certainly has the right to do that.
Re: (Score:2)
The only other protocol available at the time that might have even approached SSH would be a SSL based telnet. I'm not sure how rlogin would have been secured (because it is UDP based), but it likely would be nowhere near as elegant as what ssh offers.
To boot, neither telnet or rlogin offered port forwarding (which meant an easy way to use X clients over an insecure network), variable security methods (so you wouldn't need to worry about a password, but could use a private .identity key), multiple encrypti
Re: (Score:2)
Not only that, but telnet and rlogin over 10base2 thin-net or 10baseT with a hub rather than a switch, so anyone on your LAN segment could see your passwords going by...
10 years of fear reading sec lists (Score:5, Insightful)
No matter the OS, no matter the exploit, that name alone in the title of an email to bugtraq can send shivers down the spine.
Re: (Score:2)
I remember more rumors of vulnerabilities than vulnerabilities. Not that there weren't any - there have been more than a dozen vulnerabilities over the last decade. But the fear of an exploit seemed to be the exploit as often as an actual bug discovery.
i dont need ssh (Score:5, Funny)
i dont need ssh... for some reason inetd was installed with a call to bash, running as root. i can just telnet right in. it actually saves me a ton of time, since lately i can't even seem to remember what my password is.
Re: (Score:3, Funny)
Re: (Score:2)
Re:i dont need ssh (Score:5, Funny)
All that gives me is a web page with tentacle porn....
Re:i dont need ssh (Score:4, Funny)
Live action or animated? Normally I wouldn't pry but my genitals wanted me to ask.
Re:i dont need ssh (Score:5, Funny)
since lately i can't even seem to remember what my password is
It's hunter2.
Re:i dont need ssh (Score:5, Informative)
For the young folk who are scratching their heads...
http://www.bash.org/?244321 [bash.org]
Re: (Score:3, Funny)
That's odd; it just appears as ******* to me. Is that because it only shows up for the person whose password it is? Cool.
One of the few Mega-Tools (Score:2)
No idea what I would do without it.
Re: (Score:2)
No idea what I would do without it.
rsh over stunnel?
Is OpenSSH still speed limited? (Score:2, Insightful)
Re: (Score:2)
Re:Is OpenSSH still speed limited? (Score:5, Informative)
So, it's no slouch and better than SMB/CIFS.
Re: (Score:3, Interesting)
Yeah, scp gets about 55MB/sec between Linux systems at work with gigabit LAN.
To the best (Score:4, Insightful)
Re:To the best (Score:5, Funny)
Have you checked out my package?
Re: (Score:2)
Re: (Score:2, Funny)
Is open sores close enough?
Re: (Score:3, Funny)
Of course it's bzipped - but I'm not sure what the compression ratio is for Python. I'd appreciate it if you wouldn't fork it. And be careful when examining the Python, it has been known to generate streams of Perl. You'd rather not get it on you - it is, after all, a glue language.
I remember switching to openSSH. (Score:5, Interesting)
It was likely not long after OpenSSH became available, and the original SSH was starting to get less and less friendly. The great thing about SSH is it all started out free and open. Early on it was experimental (though very cool). This later changed when the original SSH became commercialized, and the licensing started closing up (thus my switching to OpenSSH). This was back in the days when an ssh client was something you had to hunt around for, and much of the time all that was available was cruddy ssh1 clients.
We've come a long way since then. These days putty and SCP are available for any platform. I haven't even thought about the original ssh from Tatu for years, though I certainly used it so many years ago.
License (Score:2)
The openssh web page [openssh.com] says:
Please take note of our Who uses it page, which lists just some of the vendors who incorporate OpenSSH into their own products -- as a critically important security / access feature -- instead of writing their own SSH implementation or purchasing one from another vendor. This list specifically includes companies like Cisco, Juniper, Apple, Red Hat, and Novell; but probably includes almost all router, switch or unix-like operating system vendors. In the 10 years since the inception of the OpenSSH project, these companies have contributed not even a dime of thanks in support of the OpenSSH project (despite numerous requests).
Not wanting to troll but, you know, if openssh was GPL licensed said commercial vendors would have to release the source for openssh with their products, including any modifications they made. The project could also offer LGPL or BSD licensed versions in exchange for cold, hard, cash.
Re: (Score:3, Insightful)
Re: (Score:2)
Not wanting to troll but, you know, if openssh was GPL licensed said commercial vendors would have to release the source for openssh with their products, including any modifications they made. The project could also offer LGPL or BSD licensed versions in exchange for cold, hard, cash.
You're assuming that the commercial vendors would still use OpenSSH if it was GPLed. What makes you think they wouldn't either roll their own SSH server or use some other proprietary implementation?
It would come down to economics. Is an LGPL version of openssh cheaper than commercial implementation X? This approach works for adacore. [adacore.com]
But for sure, fewer products would contain openssh if it was GPLed. But with more money it might be a better product, so there might be a net improvement in security that way.
Re: (Score:2)
Throwing money at security won't make something more secure. That's really up to who is doing the programming i.e. how competent they are. Just look at all the security products out there that have massive security holes in them regardless of whether they are commercial or open-source.
Re:License (Score:4, Insightful)
I do believe that you've entirely missed the point of that paragraph. They still wouldn't have to pay a dime. As in, who cares if they would have to offer the source to something where the source is already available.
The GPL is not the godsend that many people believe it to be. In fact, if looking at current (and past) business practice is any indication, the GPL would have actually hindered OpenSSH's adoption, not promoted it. Businesses really hate that viral open source thing in the GPL regardless of whether their code actually touches the GPL'd code. Just not worth the risk for many (most?).
Re: (Score:3, Interesting)
Businesses really hate that viral open source thing in the GPL
You seem to think that we're on some ideological crusade to take over everything. In the real world, we just don't care at all about anything which is not "core business". The GPL is an excellent thing since we can give back source code without much need to think. The business justification is one check box (because we have to) rather than weeks of meetings about whether this feature is strategic. When you somehow end up giving away a feature to a GPL app, you know that even if the competition gains the
Re:License (Score:5, Insightful)
Not wanting to troll but, you know, if openssh was GPL licensed said commercial vendors would have to release the source for openssh with their products, including any modifications they made. The project could also offer LGPL or BSD licensed versions in exchange for cold, hard, cash.
Instead they do the noble thing and release their hard work without strings attached. They understand the alternatives but actively choose to stick with a license that doesn't childishly punish those who cannot or won't return the favor. They do what they do not to "stick it" to corporations but rather because they love to code and love when their code is used to improve peoples' lives. They even love it when somebody is able to take what they've done and build off of it or incorporate it into a product. It's a matter of love, and love must be given without strings and viral conditions. It's true charity, and charity is for the giver as much as the receiver. It's the BSD philosophy, and it's not often understood by the GNU herd. But that's okay, because the software we write is for them, too. And we love it even if they don't understand why.
Thanks OpenBSD. You're awesome. I hope a lot of people today make good use of this link [openssh.com].
Re: (Score:3, Interesting)
It's like arguing that knives are superior to forks, so I only eat with knives! Licenses are a tool, each suitable for its purpose.
I don't agree that the GPL "childishly punishes" anyone, nor that it is viral. It is copyright that provi
Re:License (Score:4, Insightful)
Meh, check out Theo's wikiquote [wikiquote.org] page:
"So the HP guy comes up to me (at the Melbourne conference) and he says, 'If you say nasty things like that to vendors you're not going to get anything'. I said 'no, in eight years of saying nothing, we've got nothing, and I'm going to start saying nasty things, in the hope that some of these vendors will start giving me money so I'll shut up'."
Doesn't sound much like "love" or "charity" to me. Sounds to me like a man that's tired of giving and giving and giving and never getting anything back, yet refuses to acknowledge that as long as the license doesn't require anyone to give anything back, corporations don't. Their obligations are to the stockholders, not to fair dealings. Squeeze your costs as much as possible, get as much money as possible out of your customers, turn a big profit. That's what drives most companies all the time and all companies most of the time. Theo seems to be going by much the same drive as Linus, he wants to do this "right", he wants to make the best possible product. But unlike Linus, he hasn't gotten everyone else on board.
It's possible what is in OpenBSD is better, per se. But compared to Linux it's like an obscure niche site compared to Wikipedia, it's where everyone contributes and it's huge, hard to manage but ends up being so much more useful. You got people working on Linux to make it run better on everything from cell phones to supercomputers. You got people working on getting all sorts of weird hardware to work. You got people working on desktop responsiveness and heavy server workloads. You got all sorts of research work, build farms and regression tests being run all over the place. OpenSSH may be a polished gem, but it's only the front door lock. But for everything else, if you're relying on the masses to develop your OS, I'm going where the masses are. That is in no small part the license, though I know there's also other reasons...
Fast, Weak sshfs (Score:3, Interesting)
I find sshfs to be a much easier to use ad-hoc network filesystem mounter than the other popular alternatives. And it's secure by default.
But it's too secure. Or rather, there are scenarios in which the network transfer doesn't need the ssh security, but encrypting it takes too long (or too much CPU from other tasks, especially on dinky embedded network devices). Is there a way to force sshfs to use a much less compute intensive encryption, or maybe even a null crypto module? Without hacking the source directly, that is - like an execution option, a compile option, a config rule, etc.
Re: (Score:2)
A null-crypto secure-shell file-system?
Two thoughts spring to mind - "Why?" and "NFS"
Re: (Score:2)
"Why?" and "NFS"
Each of those are the answer to the other -- NFS is the only real alternative, and it is awful; SSHFS is simpler to set up, simpler to use, more reliable, more flexible, more secure (even when I'm on a LAN and don't want encryption, I still want authentication), etc...
Re: (Score:3, Informative)
Re: (Score:2)
Wait, you want ssh to not be secure? wtf! Just use cifs if you don't like the encryption.
Re: (Score:2)
Wait, you want ssh to not be secure? wtf! Just use cifs if you don't like the encryption.
What if you don't like the encryption, but you do like the ease of setup, ease of use, flexibility, reliability, etc?
Re: (Score:2)
I don't think the OpenSSH guys want to add it, and I agree with them. It's a tool used by so many that understand so little, but at least they've sorta understood that SSH = secure. They'd still fall for any certificate trickery because they don't really understand, but I digress. The point is that once sshfs means maybe secure, maybe not secure you can bet idiots will do stuff like disable crypto and go "Hey look, it's still ssh, it's still secure, and it's 100x faster" and completely ignore all the blinke
Re: (Score:2, Funny)
That said, I never knew there was such a thing as "too secure"
You've never lost the key to the blast proof underground safe you keep your asthma medication in obviously.
tunneling (Score:2)
I love that they implemented multiplexing channels ... -R and -L are just awesome.
Re: (Score:3, Interesting)
what is this 'ssh'? (Score:2, Funny)
is it better than telnet?????
rsync over SSH for backups (Score:5, Informative)
One of the best things about SSH is rsync - you only need an SSH enabled login on a machine, with a copy of rsync, to be able to efficiently copy data with block-level incremental efficiency. Even better, there are excellent backup tools such as rsnapshot that build on rsync to store multiple versions of a file in the backup file tree, using hard links to avoid storing the same version twice - so every backup is a full backup in terms of easy recovery, but an incremental backup in terms of network and storage efficiency.
See http://slashdot.org/comments.pl?sid=1371703&cid=29451267 [slashdot.org] for more about rsnapshot and friends.
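The hard-link trick the post describes (every snapshot is a complete tree, but files that did not change are hard links to the previous snapshot's copy) is easy to see in a small script. The following is an added example, not code from the thread, rsnapshot or rsync: it reproduces rsnapshot's layout with only the Python standard library so it runs locally without ssh, and uses rsync's cheap "same size and mtime" check with a content comparison as fallback (the equivalent of rsync --checksum) for the case where a file was merely touched. The sample source tree and snapshot names (daily.0, daily.1) are constructed for the demonstration.

```python
"""Hard-link snapshot backups in the style of rsnapshot (added example).

Each snapshot directory is a full copy of the source tree, but a file that is
unchanged since the previous snapshot is stored as a hard link to that earlier
copy, so disk usage only grows by what actually changed.  rsnapshot gets the
same effect from `rsync --link-dest` over SSH; this version uses only the
standard library.  All snapshots must live on one filesystem, since hard
links cannot cross filesystem boundaries.
"""
import filecmp
import os
import shutil
import tempfile


def unchanged(src_file, prev_file):
    """rsync-style quick check: equal size and mtime means unchanged.

    If the size matches but the mtime differs (file was touched, or copied
    without preserving timestamps), compare the contents, as --checksum would.
    """
    s, p = os.stat(src_file), os.stat(prev_file)
    if s.st_size != p.st_size:
        return False
    if int(s.st_mtime) == int(p.st_mtime):
        return True
    return filecmp.cmp(src_file, prev_file, shallow=False)


def snapshot(source, backup_root, name, previous=None):
    """Copy `source` into backup_root/name.

    Files identical to the copy in backup_root/previous are hard-linked to it
    instead of being copied.  Returns how many files were linked and copied.
    """
    dest = os.path.join(backup_root, name)
    stats = {"linked": 0, "copied": 0}
    for dirpath, _dirnames, filenames in os.walk(source):
        rel = os.path.relpath(dirpath, source)
        out_dir = os.path.normpath(os.path.join(dest, rel))
        os.makedirs(out_dir, exist_ok=True)
        for fname in filenames:
            src_file = os.path.join(dirpath, fname)
            out_file = os.path.join(out_dir, fname)
            prev_file = None
            if previous is not None:
                prev_file = os.path.normpath(
                    os.path.join(backup_root, previous, rel, fname))
            if prev_file and os.path.isfile(prev_file) and unchanged(src_file, prev_file):
                os.link(prev_file, out_file)      # shares the inode with the older snapshot
                stats["linked"] += 1
            else:
                shutil.copy2(src_file, out_file)  # copy2 preserves mtime for the next run
                stats["copied"] += 1
    return stats


def demo():
    """Constructed run: two snapshots of a small tree with one file changed in between."""
    work = tempfile.mkdtemp(prefix="snapdemo-")
    try:
        src = os.path.join(work, "src")
        backups = os.path.join(work, "backups")
        os.makedirs(os.path.join(src, "etc"))
        with open(os.path.join(src, "etc", "ssh_config"), "w") as f:
            f.write("Host *\n    ForwardAgent no\n")
        with open(os.path.join(src, "notes.txt"), "w") as f:
            f.write("first version\n")

        first = snapshot(src, backups, "daily.1")            # initial full copy

        with open(os.path.join(src, "notes.txt"), "w") as f:  # only this file changes
            f.write("second version\n")
        second = snapshot(src, backups, "daily.0", previous="daily.1")

        # Unchanged file: both snapshots point at the same inode.
        ino_new = os.stat(os.path.join(backups, "daily.0", "etc", "ssh_config")).st_ino
        ino_old = os.stat(os.path.join(backups, "daily.1", "etc", "ssh_config")).st_ino

        # Changed file: each snapshot keeps its own version, so either restores fully.
        with open(os.path.join(backups, "daily.1", "notes.txt")) as f:
            old_notes = f.read()
        with open(os.path.join(backups, "daily.0", "notes.txt")) as f:
            new_notes = f.read()
        return {"first": first, "second": second,
                "shared_inode": ino_new == ino_old,
                "old_notes": old_notes, "new_notes": new_notes}
    finally:
        shutil.rmtree(work)


if __name__ == "__main__":
    print(demo())
```

Because the second snapshot only copies the changed file, restoring from either daily.0 or daily.1 gives a complete tree while the storage cost is one extra copy of notes.txt. The same property is what makes an ssh-reachable rsync target a convenient backup server: the transfer is incremental, the result is not.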
Who doesn't know about OpenSSH (Score:2)
The fact that the editors thought that Slashdot needed an explanation of what OpenSSH is makes me feel dirty. It is like explaining what H2O is. If you don't know what OpenSSH is you should not be reading Slashdot, you bastards!
Fixed the root exploit? (Score:2, Troll)
(The hackers claim 5.2 is safe, but for all we know, that could be a trick to make us upgrade to an even buggier version... the hack was in the name of avoiding full disclosure, so we'll probably never know exactly what they did, and thus not be sure it's fixed, and thus the incredibly anti-full-disclosure people demonstrate exactly why full disclosure is a good thing :-/ )
Still no tunneling on OSX (Score:3, Interesting)
Unfortunately, on OSX, while the option (-w) is documented, OpenSSH still doesn't support tunneling, even after installing tuntap.
Re: (Score:3, Informative)
Beware of Linux-induced vulnerabilities (Score:3, Interesting)
http://lwn.net/Articles/354891/ [lwn.net]
Otherwise, OpenSSH is fantastically secure. :)
Does it run... (Score:3, Interesting)
Yes but, does it run on Windows 7?
I tried installing sshwindows on Win7 the other day and the service wouldn't start. As far as I can tell, openssh has never officially supported Windows and never will.
Sure, it's useful for 'nix to 'nix connections, but I need my Windows PC in on the action, too.
Sure. (Score:3, Interesting)
Install Cygwin or Microsoft's own SFU (Services for Unix). They give you sshd under Windows, init scripts, NFS mounting etc. SFU is actually based on OpenBSD userspace.
Re: (Score:2)
It does run on the openmoko.
Re: (Score:2, Informative)
Re: (Score:3)
Seriously, how did parent get modded flamebait?
You Apple fanboys have to back off a little bit. Apple is a big company, they don't need you to rush to their defense every time some one posts a disparaging word.
And the truth, as the parent posted, can not be a flame.
Re: (Score:3, Informative)
run on iPhone?
It sure does. TouchTerm, for example, uses OpenSSH.
http://jbrink.net/touchterm/ [jbrink.net]
Not the server though.
Re: (Score:2)
Jailbreak it. OpenSSH is a package available via Cydia, including the server.
Re: (Score:2)
Re: (Score:2)
The Feds need security too. I'm sure, if there are any weaknesses (and this is theory mind you, not anything based in fact), it likely would be the larger organizations having knowledge (or specialized hardware like a TWIRL device, which is just theory as of now) of how to factor public keys faster than conventional brute force ways. I'm pretty sure a lot of machines out there (especially ssh v1 boxes) still have 512 bit keys as their host key, and if someone targeted that box specifically, they could obtai
Re: (Score:2)