Version 2 of the SSH protocol has various security and other enhancements over SSH-1. We should encourage its use.
One way of doing this is to make SSH-2 the default protocol (currently it's SSH-1). Note that while PuTTY will fall back to SSH-1 if necessary, this is potentially a user-visible change: if SSH-2 is chosen, users will be prompted about new host keys. (Perhaps the host key dialogue should indicate which keys we do have? See also `hostkey-policy'.)
Conversely, many upgrading users won't see this change, as it's only the `factory default' that changes; if they've got saved settings with SSH-1 selected then that won't change.
In future we might consider `turning off' SSH-1 by default (i.e., making `2 only' the default). We can't reasonably do this until SSH-2 is practically ubiquitous.
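To make the difference between an SSH-2 default with fallback and `2 only' concrete, here is an added example (not PuTTY's own code) that picks a protocol from the server's identification string. The enum names and the banners are constructed for illustration; the meaning of the version field (`1.99' = SSH-2 with SSH-1 compatibility) follows RFC 4253.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical preference values, modelled on the settings this page mentions. */
enum ssh_pref { PREF_1_ONLY, PREF_1, PREF_2, PREF_2_ONLY };

/* Work out which protocol versions the server's banner advertises. */
static void server_versions(const char *banner, int *has1, int *has2)
{
    *has1 = *has2 = 0;
    if (strncmp(banner, "SSH-", 4) != 0)
        return;                          /* not an SSH identification string */
    const char *ver = banner + 4;
    const char *dash = strchr(ver, '-');
    if (!dash || dash == ver)
        return;                          /* protoversion field missing */
    if (dash - ver == 4 && memcmp(ver, "1.99", 4) == 0)
        *has1 = *has2 = 1;               /* speaks SSH-2, still accepts SSH-1 */
    else if (ver[0] == '2' && ver[1] == '.')
        *has2 = 1;
    else if (ver[0] == '1' && ver[1] == '.')
        *has1 = 1;
}

/* Returns 1 or 2 for the protocol to use, or 0 to refuse the connection. */
int choose_protocol(enum ssh_pref pref, const char *banner)
{
    int has1, has2;
    server_versions(banner, &has1, &has2);
    switch (pref) {
    case PREF_1_ONLY: return has1 ? 1 : 0;
    case PREF_2_ONLY: return has2 ? 2 : 0;
    case PREF_1:      return has1 ? 1 : (has2 ? 2 : 0);
    case PREF_2:      return has2 ? 2 : (has1 ? 1 : 0);  /* falls back to SSH-1 */
    }
    return 0;
}

int main(void)
{
    /* Constructed sample banners, not captured from real servers. */
    const char *banners[] = { "SSH-1.5-ExampleServer", "SSH-1.99-ExampleServer",
                              "SSH-2.0-ExampleServer" };
    for (int i = 0; i < 3; i++)
        printf("%-24s prefer-1=%d prefer-2=%d 2-only=%d\n", banners[i],
               choose_protocol(PREF_1, banners[i]),
               choose_protocol(PREF_2, banners[i]),
               choose_protocol(PREF_2_ONLY, banners[i]));
    return 0;
}
```

With SSH-2 merely preferred, a server that offers only 1.x still gets an SSH-1 session; only `2 only' turns that case into a refused connection.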
Our documentation should probably discuss the security implications of using SSH-1, too. (For a starting point see the Snail Book FAQ.)
Update: Even Debian stable includes SSH-2 support now, so we can reasonably get away with this. Fixed in snapshots.