The company I work for uses SSH 2 (as opposed to SSH1) because it is
more secure. However, we have been advised by another company whose
product we use, to use SSH 1 as this gives a faster connection.
Personally I haven't noticed SSH 2 being particularly slow, but my
customer is concerned about it and I don't know enough about this issue
to really advise either way. Could anyone here help me out please?
Thanks,
JS.
JS> Hi, The company I work for uses SSH 2 (as opposed to SSH1) because
JS> it is more secure. However, we have been advised by another
JS> company whose product we use, to use SSH 1 as this gives a faster
JS> connection.
JS> Personally I haven't noticed SSH 2 being particularly slow, but my
JS> customer is concerned about it and I don't know enough about this
JS> issue to really advise either way. Could anyone here help me out
JS> please?
SSH protocol version 1 is deprecated in favor of the current draft version
2. Version 1 is much less flexible, has known, exploited, and unfixable
security flaws, and its implementations are no longer under active
development. While it's not so broken as to rule it out entirely, it is
not a good idea to use it while you have a choice.
Protocol 2 can be noticeably slower on connect due to the more complex key
exchange; however, this is usually only a problem on older, slower
hardware.
--
Richard Silverman
sl...@shore.net
>Protocol 2 can be noticeably slower on connect due to the more complex key
>exchange; however, this is usually only a problem on older, slower
>hardware.
Restricting openssh to IPv4 and not IPv6 reduces connection setup time where
I've tried it.
--
decoy mail addresses: obtain username via 0x4f/tcp or 0x50/tcp
"all mail refused" <el...@notatla.demon.co.uk> wrote in message
news:slrnb49ubk...@notatla.demon.co.uk...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.445 / Virus Database: 250 - Release Date: 2003-01-21
WP> You might mention that simple telnet is far faster yet. If you
WP> want good security in your session traffic, you MUST put up with
WP> some delay time for security processing. Considering the
WP> advantages of protocol 2 over protocol 1, any slight delay should
WP> be a trivial issue.
It may not be "slight." On older Sun hardware, for example, an SSH-2
connection can take a minute or more to set up.
--
Richard Silverman
sl...@shore.net