| version 1.92, 2001/11/30 20:04:12 |
version 1.93, 2001/12/05 10:34:46 |
|
|
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
| Roughly, we took a free license release of ssh and OpenBSD-ifyed it. |
Roughly said, we took a free license release of ssh, OpenBSD-ifyed it. |
| We get around the USA-based RSA patent by providing an easy way to |
About a year later, we extended OpenSSH to also do SSH 2 protocol, the |
| automatically download and install a RSA-enabled package containing |
result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0. |
| shared library versions of libcrypto and libssl. These packages are |
|
| based on OpenSSL. People living outside the USA can freely use the |
|
| RSA patented code, while people inside the USA can freely use it for |
|
| non-commercial purposes. It appears as if companies inside the USA |
|
| can use the RSA libraries too, as long as RSA is not used in a profit |
|
| generating role.<p> |
|
| |
|
| But this way almost everyone will get ssh built into their OS.<p> |
|
| |
|
| <strong>NEW! OpenSSH supports protocol 2.0!</strong><p> |
|
| |
|
| Recently, we have extended OpenSSH so that it also does SSH 2 protocol. |
|
| Having a ssh daemon which can do all 3 major SSH protocols |
|
| (1.3, 1.5, 2.0) permits us much flexibility. Protocol 2.0 does not |
|
| use RSA for it's public key cryptography, relying instead on the DH |
|
| and DSA algorithms. In OpenBSD 2.7 -- which will ship with the new |
|
| OpenSSH -- you get protocol 2.0 support right out of the box! If |
|
| you wish to also support protocol 1.3 and 1.5, you simply add the |
|
| RSA package (as described our |
|
| <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ssl>ssl</a> |
|
| manual page), and restart the daemon. |
|
| |
|
| <a name=prng></a> |
<a name=prng></a> |
| <h3><font color=#e00000>Pseudo Random Number Generators</font></h3><p> |
<h3><font color=#e00000>Pseudo Random Number Generators</font></h3><p> |
| |
|
|
|
| |
|
| <li><b>Intel IPsec card</b><br> |
<li><b>Intel IPsec card</b><br> |
| Much like Intel does for all their networking division components, and |
Much like Intel does for all their networking division components, and |
| completely unlike most other vendors, Intel steadfastly refuse to provide |
completely unlike most other vendors, Intel steadfastly refuses to provide |
| us with documentation. We have talked to about five technical people who |
us with documentation. We have talked to about five technical people who |
| are involved in the development of those products. They all want us to |
are involved in the development of those products. They all want us to |
| have documentation. They commend us on what we have done. But their hands |
have documentation. They commend us on what we have done. But their hands |
![[BACK]](/icons/back.gif){kind=icon}
Return to crypto.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www