diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2021-07-06 17:23:51 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2021-07-06 18:19:47 +0000 |
| commit | b45dd6398ac616ef6a0b4061277a90b2b0ff1240 (patch) | |
| tree | 3d801cad0b6dda38c71f20f665c0b87ccf6b59c5 /documentation/content/en/books/handbook/security | |
| parent | 0a7a07dcccf3cc3c4a43174cbdafc6df88c59e81 (diff) | |
| download | doc-b45dd6398ac616ef6a0b4061277a90b2b0ff1240.tar.gz doc-b45dd6398ac616ef6a0b4061277a90b2b0ff1240.zip | |
handbook: OpenSSH no longer supports protocol v1
Base system commit 4f52dfbb8d6c (May 2018) introduced OpenSSH 7.6p1,
which dropped support for the SSH v1 protocol. The v2 protocol has
existed for a very long time and is ubiquitous so there is no need
to mention protocol compatibility at all here.
Reviewed by: ygy
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31079
Diffstat (limited to 'documentation/content/en/books/handbook/security')
| -rw-r--r-- | documentation/content/en/books/handbook/security/_index.adoc | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/documentation/content/en/books/handbook/security/_index.adoc b/documentation/content/en/books/handbook/security/_index.adoc index 1d9d764b47..4d60f4012b 100644 --- a/documentation/content/en/books/handbook/security/_index.adoc +++ b/documentation/content/en/books/handbook/security/_index.adoc @@ -1576,7 +1576,6 @@ Additionally, TCP/IP connections can be tunneled or forwarded securely through S OpenSSH encrypts all traffic to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. OpenSSH is maintained by the OpenBSD project and is installed by default in FreeBSD. -It is compatible with both SSH version 1 and 2 protocols. When data is sent over the network in an unencrypted form, network sniffers anywhere in between the client and server can steal user/password information or data transferred during the session. OpenSSH offers a variety of authentication and encryption methods to prevent this from happening. @@ -1606,10 +1605,8 @@ When the user accepts the key's fingerprint by typing `yes` when connecting for Future attempts to login are verified against the saved key and `ssh` will display an alert if the server's key does not match the saved key. If this occurs, the user should first verify why the key has changed before continuing with the connection. -By default, recent versions of OpenSSH only accept SSHv2 connections. -By default, the client will use version 2 if possible and will fall back to version 1 if the server does not support version 2. -To force `ssh` to only use the specified protocol, include `-1` or `-2`. -Additional options are described in man:ssh[1]. +Recent versions of OpenSSH only accept SSHv2 connections. +SSH protocol version 1 is obsolete. Use man:scp[1] to securely copy a file to or from a remote machine. This example copies [.filename]#COPYRIGHT# on the remote system to a file of the same name in the current directory of the local system: |