top | item 38967151

(no title)

Jenda_ | 2 years ago

Because the old algorithm only endangers the communication and the remote device (and this may even not be the case, as such an old device should not be exposed to the world), while the old client may compromise security of the local computer. (fortunately, bugs in SSH client are uncommon; with e.g. browsers it's a different story)

Of course a reasonable solutions would be to run it in some sandbox/VM.

Additionally, the old client will be difficult to use in a current OS because of library and general system incompatibility (Debian with openssh-client-ssh1 is a rare exception, and it's just a command-line ssh, not the library mentioned in https://news.ycombinator.com/item?id=38963372).

discuss

No comments yet.