Announcement

Collapse
No announcement yet.

OpenSSH 8.7 Released With Experimental SFTP Support For SCP

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by kpedersen View Post

    I'm quite a fan of BearSSL for my own projects. Though for work I tend to stick to OpenSSL because "its the norm innit!".
    There's a bearssl port of openssh https://github.com/oasislinux/openssh

    Openssh can also be built without openssl.

    Comment


    • #12
      It's nice to see progress there to replace old scp protocol by SFTP and therefore to have a solution for this vulneralibity:
      https://nvd.nist.gov/vuln/detail/CVE-2020-15778

      Comment


      • #13
        As much as I like Rust, it's not a magic bullet. It's quite common for Rust code to use OpenSSL for a start. There are pure-Rust alternatives like Ring but they haven't had anything like the amount of scrutiny that OpenSSL has had. I'd personally take my chances with OpenSSL.

        As mentioned above, OpenSSH can be built without OpenSSL but that's understating it. You only need OpenSSL for additional algorithms and very niche features. I don't think I've ever needed these myself.

        Comment


        • #14
          Originally posted by uid313 View Post
          I think they ought to port OpenSSH to Rust, maybe not all of it, but at least the daemon so that it may be safer against remote exploits.
          A better option might be C# and Mono, along with Active Directory integration. Once we can do Windows Domain services over SSH, we can drop the legacy SSH command prompt altogether.

          Comment


          • #15
            Originally posted by torsionbar28 View Post
            A better option might be C# and Mono, along with Active Directory integration. Once we can do Windows Domain services over SSH, we can drop the legacy SSH command prompt altogether.
            That is a very interesting idea!
            Not Mono though, just .NET 5 which is cross-platform and officially natively available for Linux. Mono is a implementation of the old .NET Framework.
            Active Directory integration sounds great, but this wouldn't have to be done in C# though, you could have the Active Directory protocol implemented in Rust.

            Comment

            Working...
            X