On Wed, Sep 28, 2005 at 10:34:56AM -0700, Ross Jordan wrote: > On Wed, Sep 28, 2005 at 01:36:47PM -0400, Stephen Gregory wrote: > > Adrian Irving-Beer wrote: > > > > > >I don't have an answer, nor do I mean to advocate, but I'm curious. > > >Why are you using the non-free ssh.com version rather than OpenSSH? > > > > I trust SSH2 to be secure more then I trust OpenSSH. > > why? OpenSSH is more widely used, open, reviewed and written by some > top notch security guys. I'm not trying to start a flamewar, but > why would ssh.com version of ssh be any better? ...because they wrote the IETF standard. ...because they wrote the reference implementation. ...because they are not gratuitously different than the reference implementation or the standard. ...because they didn't have a rash of security-related exploits published and used against them causing a rash of security-related patches to be released in a short period of time. ...because they aren't the only ones who claim their products are secure. ...because they aren't as arrogant about it. I'm with Stephen Gregory on this one. > -Ross slainte mhath, RGB GPC Listmaster -- Richard Guy Briggs -- ~\ Auto-Free Ottawa! Canada <www.TriColour.net> -- \@ @ <www.flora.org/afo/> No Internet Wiretapping! -- _\\/\%___\\/\% Vote! -- <Green.ca> <www.OpenSWAN.org>___________GTVS6#790__(*)_______(*)(*)___<www.Marillion.com>