version 1.92, 2001/11/30 20:04:12 |
version 1.93, 2001/12/05 10:34:46 |
|
|
</ul> |
</ul> |
<p> |
<p> |
|
|
Roughly, we took a free license release of ssh and OpenBSD-ifyed it. |
Roughly said, we took a free license release of ssh, OpenBSD-ifyed it. |
We get around the USA-based RSA patent by providing an easy way to |
About a year later, we extended OpenSSH to also do SSH 2 protocol, the |
automatically download and install a RSA-enabled package containing |
result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0. |
shared library versions of libcrypto and libssl. These packages are |
|
based on OpenSSL. People living outside the USA can freely use the |
|
RSA patented code, while people inside the USA can freely use it for |
|
non-commercial purposes. It appears as if companies inside the USA |
|
can use the RSA libraries too, as long as RSA is not used in a profit |
|
generating role.<p> |
|
|
|
But this way almost everyone will get ssh built into their OS.<p> |
|
|
|
<strong>NEW! OpenSSH supports protocol 2.0!</strong><p> |
|
|
|
Recently, we have extended OpenSSH so that it also does SSH 2 protocol. |
|
Having a ssh daemon which can do all 3 major SSH protocols |
|
(1.3, 1.5, 2.0) permits us much flexibility. Protocol 2.0 does not |
|
use RSA for it's public key cryptography, relying instead on the DH |
|
and DSA algorithms. In OpenBSD 2.7 -- which will ship with the new |
|
OpenSSH -- you get protocol 2.0 support right out of the box! If |
|
you wish to also support protocol 1.3 and 1.5, you simply add the |
|
RSA package (as described our |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ssl>ssl</a> |
|
manual page), and restart the daemon. |
|
|
|
<a name=prng></a> |
<a name=prng></a> |
<h3><font color=#e00000>Pseudo Random Number Generators</font></h3><p> |
<h3><font color=#e00000>Pseudo Random Number Generators</font></h3><p> |
|
|
|
|
|
|
<li><b>Intel IPsec card</b><br> |
<li><b>Intel IPsec card</b><br> |
Much like Intel does for all their networking division components, and |
Much like Intel does for all their networking division components, and |
completely unlike most other vendors, Intel steadfastly refuse to provide |
completely unlike most other vendors, Intel steadfastly refuses to provide |
us with documentation. We have talked to about five technical people who |
us with documentation. We have talked to about five technical people who |
are involved in the development of those products. They all want us to |
are involved in the development of those products. They all want us to |
have documentation. They commend us on what we have done. But their hands |
have documentation. They commend us on what we have done. But their hands |