IT security people sleep well
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Jun 3 21:32:56 UTC 2004
On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <eric at fnordsystems.com> said:
> The part about Telnet is truly scary... Among people who have "clue",
> the biggest reason I have heard to continue running ssh1 is for
> emergency access via hand-held smartphones or other pocket sized
> devices. The Handspring Treo 180 and similar keyboarded cellphone-pda
> devices don't have the CPU power necessary for a SSH2 key exchange,
> unless I'm drastically mistaken about the FPU abilities of a 33 MHz
> Motorola Dragonball...
Unless the Dragonball is an 8-bit CPU, it shouldn't be *too* painful - looking at
the ssh 3.2.9.1 tree from ssh.com, the *only* reference to 'float' or 'double'
in the entire include/*.h tree is a "typedef double SshTimeT;". Since a sane
key wont fit in an int, float, or double, it's all done using integer/logical
operations on arrays (more or less).
I just retired an IBM RS6000/350 - that had a whole whopping 50mz Power
chipset in it, and ran ssh2 just fine. I know that the model 220 was a 33MHz
ppc 601 chipset, and that did SSH without burping too (The 601 chipset was
also used in the Macintosh 6600 machines).
If it's got enough CPU to connect to an SSL webpage, it's got enough for SSH.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040603/0c5c0f6c/attachment.sig>
More information about the NANOG
mailing list