The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

Things look quiet here. But I've been doing a lot of blogging at dan.langille.org because I prefer WordPress now. Not all my posts there are FreeBSD related. I am in the midst of migrating The FreeBSD Diary over to WordPress (and you can read about that here). Once the migration is completed, I'll move the FreeBSD posts into the new FreeBSD Diary website.

ssh2 - when ssh won't do 13 August 1999
Need more help on this topic? Click here
This article has no comments
Show me similar articles
[Ed. After this article was written, OpenSSH was released.  You should read Installing OpenSSH - less restrictive than ssh instead of this article.]

This article was submitted by Nadav Eiron <nadav@cs.technion.ac.il>.  My thanks for the help.

Note: ssh has quite liberal licensing restrictions.  You should read the ssh article and the links therein to determine which is best for you.

ssh2 and other ssh goodies.
Recently some of you may have noticed a new version of ssh showing up.  It even has its own port now, /usr/ports/security/ssh2.  As a veteran user of ssh, I'll try and tell you about my experience with ssh2.

First, one fair warning.  There is a change of license terms between ssh and ssh2.  While ssh is free for any non-commercial use, ssh2 is only free for personal or educational use.  I know the line here is somewhat thin, and I, as I'm not trained in the legal profession, can only refer you to http://www.ssh.fi/ for further details.  Bottom line: ssh2 may well be unsuitable due to licensing.  Watch out!

Installation
Like any other FreeBSD port, this is the easy part:
cd /usr/ports/security/ssh2
make
make install

Note that if you don't have ssh installed, it will install it for you by default.  ssh2 uses a different protocol from ssh.  To maintain backward compatibility, it uses the old executables to communicate with hosts that have only ssh (it will warn you when this happens).  In case there's still some kind of incompatibility, you can always use the ssh executables by appending the digit '1' to their name.  For example: ssh1, scp1, ssh-keygen1, etc.

Basic usage, for both client and server, is the same as with ssh.  For instance:

[214] csd:~ => ssh nadav@ssl100-bsd.cs.technion.ac.il
Enter passphrase for RSA key 'nadav@csd': 
Last login: Tue Jul 27 21:11:50 1999 from gvul.haifa.il.ib
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.

FreeBSD 3.2-RELEASE (LIBAGENT) #1: Thu Jun 10 11:46:17 IDT 1999

Welcome to FreeBSD! You will find security advisories and updated
errata information for all releases at 
http://www.FreeBSD.ORG/releases/

Anthony's Law of Force:
Don't force it; get a larger hammer.
ssl100-bsd: {101} 
ssh or ssh2?
So why use ssh2 over ssh if they are so much alike?  One benefit of ssh2 is a wide variety of new encryption protocols.  It is also believed to have been more carefully cryptoanalyzed (read all about it in http://www.ssh.fi).  It is also claimed that the
encryption algorithms in ssh2 are more efficiently implemented.

Another benefit that I like is the new sftp utility.  This is an ssh client that behaves pretty much like the ftp client.  It has some rough edges around it, but I still find it more convenient to use than using scp to transfer multiple files.

Finally, ssh2 is where new development occurs, so I guess you'll be seeing more features introduced to it over time.


Share
Need more help on this topic? Click here
This article has no comments
Show me similar articles