SUMMARY: Sun_SSH vs OpenSSH part 2

From: Dave McNeill <>
Date: Wed Mar 19 2003 - 05:49:58 EST
I thought you might like to see this.

>>> Casper Dik <Casper.Dik@Sun.COM> 19/03/03 10:33:28 >>>

>Thanks also to George who suggests that Sun_SSH is less secure than
>OpenSSH and that I should consider using OpenSSH on Solaris 9 instead.
>would welcome anybody else's thoughts on this.

I woudl certainly question that statemetn; while OpenSSH now
has something called "privilege seperation" which could
theoretically prevent exploits to have certain privileges
immediately, the implementation of privilege separation is
not flexible enough to support PAM and Solaris Auditing

I strongly suggest to stick with Solaris SSH; it's supported
and we are committed to fixing security holes in it.
It's also the only viable solution if you need to use Solaris

The PATH setting is the same as for telnetd/etc.  The global
setting should not be set per daemon but rather system wide
(/etc/profile, /etc/.login or /etc/default/login) and not
in a per-daemon configuration file.

sunmanagers mailing list
Received on Wed Mar 19 05:54:04 2003

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:07 EST