Slashdot Mirror
OpenSSH 3.5 Released
Dan writes "Markus Friedl announces that OpenSSH 3.5 has just been released with notable updates since 3.4. It will be available from the mirrors listed at http://www.openssh.com/ shortly. Enhancements include bug fixes, improved support for Privilege Separation (Portability, Kerberos, PermitRootLogin handling), RSA blinding in order to avoid timing attacks against the RSA host key and much more. Congratulations are in order for the OpenSSH team's hard work and efforts."
Go eat pie.
Pie's good.
I'm wasting time.
Must submit!
FP!
there is more information regarding the release (such as special comments from the author) here
I'm sorry for all the caps in the title, but don't click that link! That's the worst thing I've ever seen.
With modern computers and government spy networks like Echelon, there is no reason that we shouldn't use OpenSSH as our default shell, as it is free as in speech and as in beer, yet provides excellent security.
OpenBSD leads the way once again.
"Congratulations are in order for the OpenSSH team's hard work and efforts."
Yeah, We congratulate them by slashdotting their main server before for all the mirrors are updated. great work slashdot, its not like this was a vuln fix, its just a new release..it can wait a few hours.
Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
I hope you all eat feces and die. Every last one of you. When you've completed this task, you can try out the new OpenSSH 3.5 release and find out whether or not it is feces.
If it is, proceed to eat it and die. Thanks.
That Linux trojan/virus writers have learned to aim at Linux sysadmins by taking control of very recent patches and adding trojan horses. Seems the best way to attack a Linux system is to try to interrupt the many vigilant admins as they faithfully download patches on the same day they're released... Windows trojans survive on the dearth of upgrades, not their spread...
As you probably know, OpenSSH is largely relient upon the mathematical superiority of RSA encryption techniques. The ability to work with secure shell environments on remote computers has been an absolute god-send since all of the holes in telnet implementations surfaced.
K sN0[lN*1lK[d2%Sa2/d0
To make a long story short, a few fellow grad students and I spent a rainy Saturday morning working on the most simple implementaiton of RSA possible, and our end result is quite interesting to any budding math or computer science students. The best part is that it's written in Perl (hey, we needed the most powerful language!) and only requires a simple, widely-available arithmetic library.
The code:
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",
)]}\EsMs
The beauty of expressing something that's so utterly complex through such a wonderfully simple and sexy solution (via Perl, even!) is what truly makes OpenSSH's use of RSA great.
Of course, be sure to stay on top of updates as the occasional security hole is unearthed -- no matter what system you're responsible, any administrator is a bad administrator if he or she doesn't read bug reports and security advisories and take the necessary precautions via standard upgrade cycles.
Happy shelling!
Department of Physics and Atmospheric Science, Dalhousie University, Halifax, N.S., Canada, B3H 3J5
It is official; Netcraft now confirms: *BSD is dying
One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Sys Admin comprehensive networking test.
You don't need to be a Kreskin to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.
FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.
Let's keep to the facts and look at the numbers.
OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.
Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.
All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.
Fact: *BSD is dying
j00 sux0r t3h manham. cos it's cox0r-lix0ring good
Reading about teh OpenSshhhhit made me cum my pants and treh manham.