OpenSSH 5.4 Released
HipToday writes "As posted on the OpenBSD Journal, OpenSSH 5.4 has been released: 'Some highlights of this release are the disabling of protocol 1 by default, certificate authentication, a new "netcat mode," many changes on the sftp front (both client and server) and a collection of assorted bugfixes. The new release can already be found on a large number of mirrors and of course on www.openssh.com.'"
Use at your own risk.
Of course the license document included with this software spells out exactly what conditions the devs have placed on distribution, preparation of derivative works, etc. If they had wanted to, they could have required these companies to pay, or to provide source code, or whatever. They already made their choice; it's not really fair to whine about it now.
They have donated by giving credibility to the project by choosing to use it; this in turn increases the number of eyes testing and contributing towards bug fixes and improvements. This is precisely the way that BSD-derived licenses work: the only thing you can expect is acknowledgement, and the only thing you can hope for is patches. To release under a licence which makes no accommodation whatever for financial compensation then write what comes down to a complaint that people aren't paying you is quite unreasonable.
If it bothers you that Apple, Red Hat, Cisco, Juniper, and Novell aren't sending you a check in the mail, how about you change your license to make them pay: if it is cheaper for them than forking your code, they'll do it.
I, for one, would much prefer to contribute toward effort on security at the lower levels rather than a single big tunnel. ssh it is almost as obnoxious as nat in this respect. I also got a bad taste from openssh ever since they disabled the "none" encryption - the amateur radio bands do not allow message encryption, but authentication/signing remains acceptable and useful.
443 from XS4ALL is an SSL (well HTTPS) daemon, not an SSH daemon. Please hand in your wannabe sysadmin badge leave slashdot.
Who is complaining? I am told here; you are not using OpenBSD when I am in fact. There are no obvious errors showing up in the log files, yes, that's my problem. And yes, I had someone look at it who is more experienced that I am in setting up OpenBSD as a firewall and it is a valid thing to do, have another pair of eyes look at it, or are you infallible and never miss something that is obvious for someone else sometimes at the first glance? Geez, to talk to you people here, you are gods.
You can't handle the truth.
yes, thank you, Sherlock, what would I ever do without random advice from /. To think, how did I manage to have an OpenBSD box as a firewall since August and never needed to look at the log files through tcpdump? That's it, you have solved it for me.
You can't handle the truth.