Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Going Strong After 10 Years With Release of v5.3

Posted by timothy on from the can't-even-speak-plainly dept.

An anonymous reader writes "OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions. Version 5.3 marks the 10th anniversary of the OpenSSH project."

25 of 249 comments (clear)

  1. I know I'm not alone in this... by 93+Escort+Wagon · · Score: 5, Insightful

    Thank you to everyone that's worked on OpenSSH over its lifetime - it's certainly made my (working) life easier.

    And, unlike the Slashdot submission system, OpenSSH pretty much always works!

    --
    #DeleteChrome
    1. Re:I know I'm not alone in this... by e9th · · Score: 4, Informative

      Please consider buying one or more of their so-ugly-they're-cute T-shirts.

    2. Re:I know I'm not alone in this... by nametaken · · Score: 4, Funny

      Or donate some decent t-shirt designs. :/

    3. Re:I know I'm not alone in this... by TheRaven64 · · Score: 4, Informative

      OpenSSH is developed by OpenBSD. They accept PayPal donations via the link on this page.

      --
      I am TheRaven on Soylent News
  2. Thanks OpenBSD by Spit · · Score: 4, Insightful

    For the rest as well.

    --
    POKE 36879,8
    1. Re:Thanks OpenBSD by JackieBrown · · Score: 4, Interesting

      What is interesting is how secure and easy it is to use.

      I use it with fuse to mount my networked partitions. It involved no work and the fact that it is secure is just a bonus since there is no noticable speed loss for my transfers

    2. Re:Thanks OpenBSD by Anonymous Coward · · Score: 4, Insightful

      Theo de Raadt is not all powerful. The project is stagnating now in some areas in spite of him being the leader. However nobody can deny he and his team are some of the best programmers around.
      OpenBSD source code is the best I have ever seen and the first thing I do on any new Linux installation is to install OpenBSD tools.
      Really if someone is reading this and wants to flee the Linux gulag, OpenBSD is a system to check. It is not the fastest, it is not the smallest, but it is the most secure and consistent.

  3. How was life possible without it? by stox · · Score: 5, Insightful

    To think we used to use telnet and rlogin to access everything.

    OpenSSH is a far more significant technology than it has gotten credit for.

    --
    "To those who are overly cautious, everything is impossible. "
    1. Re:How was life possible without it? by InsaneMosquito · · Score: 4, Funny

      Same with zippers. What would life be like without zippers?

      A lot more drafty?

    2. Re:How was life possible without it? by grub · · Score: 4, Funny


      What would life be like without zippers?

      I'd have far fewer painful memories of getting wang-skin caught in them.
      R

      --
      Trolling is a art,
    3. Re:How was life possible without it? by evilviper · · Score: 5, Informative

      The original OpenSSH implementation was based on Tatu's code.

      Yes it was. But Tatu's SSH was the old, insecure protocol.

      And there were many secure remote access tools before it. kerberized telnet, telnet/ftp over SSL, and limitless others.

      It's not the magical protocol (which is quite similar to SSL plus RSH/RCP), or the initial few lines of code that got it started. It's the fact that it was open, secure, widely available, and being pushed by the OpenSSH folks to be used as the default form of remote access on Unix systems.

      Tatu didn't have anything to do with it. He was too busy commercializing it, and repeatedly threatened, and then suing the OpenSSH project for all their hard work. If he had chosen to keep SSH open, we'd have been a LOT further along. As other posters correctly remember, support for SSH very nearly died with that step. Many programs included SSHv1 support, and then just stagnated and let the code rot. If not for OpenSSH, it would be another relic of secure telnet protocols tried and failed, not having gone anywhere, and we'd go merrily along, using telnet and rsh, bemoaning the fact that it's so insecure, and that nothing better ever came along.

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    4. Re:How was life possible without it? by wastedlife · · Score: 4, Funny

      I have a pair of 404s, but I can never find them.

      --
      Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
    5. Re:How was life possible without it? by Anonymous Coward · · Score: 5, Interesting

      Version 2 of the SSH protocol was also developed by Tatu YlÃnen and his company SSH Communication Security. It was just that they when they made the new, improved protocol they also switched to a proprietary license with SSH v2. It took a couple of years before the OpenBSD folks had developed the open source SSH v1 code to the point where it supported all features of the SSH v2 protocol. The two implementations of v2 still aren't fully compatible on client-side stuff like key storage, but nowadays it is the proprietary SSH that is considered the odd one out.

      I don't consider Tatu YlÃnen here as a bad guy. What he has given to the world free of charge is 1) the SSH v1 protocol specification, 2) the SSH v1 open source implementation, and 3) the SSH v2 protocol specification. On top of that he has managed to make a living off of the SSH v2 code, and he certainly has the right to do that.

  4. 10 years of fear reading sec lists by VonGuard · · Score: 5, Insightful

    No matter the OS, no matter the exploit, that name alone in the title of an email to bugtraq can send shivers down the spine.

    --
    Don't Crease the Weasel!
  5. i dont need ssh by digitalsushi · · Score: 4, Funny

    i dont need ssh... for some reason inetd was installed with a call to bash, running as root. i can just telnet right in. it actually saves me a ton of time, since lately i can't even seem to remember what my password is.

    --
    slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
    1. Re:i dont need ssh by MichaelSmith · · Score: 5, Funny

      All that gives me is a web page with tentacle porn....

      --
      http://michaelsmith.id.au
    2. Re:i dont need ssh by David_W · · Score: 5, Funny

      since lately i can't even seem to remember what my password is

      It's hunter2.

    3. Re:i dont need ssh by Anonymous Coward · · Score: 5, Informative

      For the young folk who are scratching their heads...

      http://www.bash.org/?244321

  6. To the best by Powys · · Score: 4, Insightful

    My hats off to probably the best open source package ever made

    1. Re:To the best by turing_m · · Score: 4, Funny

      Have you checked out my package?

      --
      If I have seen further it is by stealing the Intellectual Property of giants.
  7. I remember switching to openSSH. by Vellmont · · Score: 4, Interesting

    It was likely not far after openSSH became available, and the original SSH was starting to get less and less friendly. The great thing about SSH is is all started out free and open. Early on it was experimental (though very cool). This later changed when the original SSH became commercialized, and the licensing started closing up (thus my switching to openSSH). This was back in the days when an ssh client was something you had to hunt around for and much of the time all that was available was cruddy ssh1 clients.

    We've come a long way since then. These days putty and SCP are available for any platform. I haven't even thought about the original ssh from Tatu for years, though I certainly used it so many years ago.

    --
    AccountKiller
  8. Re:Is OpenSSH still speed limited? by WuphonsReach · · Score: 4, Informative

    Like the other poster, I've see 30-50 MB/s (300-500 Mbps) over a gigabit network when copying between boxes using scp. The limitations were more the frame size (not using jumbo frames on that network) along with the read/write speeds of the system on each end.

    So, it's no slouch and better then SMB/CIFS.

    --
    Wolde you bothe eate your cake, and have your cake?
  9. Re:Happy birth-day OpenSSH by holloway · · Score: 4, Funny

    3) I'm a snake

    Huh?

    Step 4 ????
    Step 5 Badger badger badger badger badger

    --
    -Docvert converts MSWord to OpenDocument, clean HTML
  10. Re:License by onefriedrice · · Score: 4, Insightful

    Not wanting to troll but, you know, if openssh was GPL licensed said commercial vendors would have to release the source for openssh with their products, including any modifications they made. The project could also offer LGPL or BSD licensed versions in exchange for cold, hard, cash.

    Instead they do the noble thing and release their hard work without strings attached. They understand the alternatives but actively choose to stick with a license that doesn't childishly punish those who cannot or won't return the favor. They do what they do not to "stick it" to corporations but rather because they love to code and love when their code is used to improve peoples' lives. They even love it when somebody is able to take what they've done and build off of it or incorporate it into a product. It's a matter of love, and love must be given without strings and viral conditions. It's true charity, and charity is for the giver as much as the receiver. It's the BSD philosophy, and it's not often understand by the GNU herd. But that's okay, because the software we write is for them, too. And we love it even if they don't understand why.

    Thanks OpenBSD. You're awesome. I hope a lot of people today make good use of this link.

    --
    This author takes full ownership and responsibility for the unpopular opinions outlined above.
  11. rsync over SSH for backups by Cato · · Score: 4, Informative

    One of the best things about SSH is rsync - you only need an SSH enabled login on a machine, with a copy of rsync, to be able to efficiently copy data with block-level incremental efficiency. Even better, there are excellent backup tools such as rsnapshot that build on rsync to store multiple versions of a file in the backup file tree, using hard links to avoid storing the same version twice - so every backup is a full backup in terms of easy recovery, but an incremental backup in terms of network and storage efficiency.

    See http://slashdot.org/comments.pl?sid=1371703&cid=29451267 for more about rsnapshot and friends.