[70992] in North American Network Operators' Group
Re: IT security people sleep well
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jun 3 17:33:47 2004
To: Eric Kuhnke <eric@fnordsystems.com>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Thu, 03 Jun 2004 13:16:44 PDT."
<40BF872C.6020407@fnordsystems.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 03 Jun 2004 17:32:56 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1899979429P
Content-Type: text/plain; charset=us-ascii
On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <eric@fnordsystems.com> said:
> The part about Telnet is truly scary... Among people who have "clue",
> the biggest reason I have heard to continue running ssh1 is for
> emergency access via hand-held smartphones or other pocket sized
> devices. The Handspring Treo 180 and similar keyboarded cellphone-pda
> devices don't have the CPU power necessary for a SSH2 key exchange,
> unless I'm drastically mistaken about the FPU abilities of a 33 MHz
> Motorola Dragonball...
Unless the Dragonball is an 8-bit CPU, it shouldn't be *too* painful - looking at
the ssh 3.2.9.1 tree from ssh.com, the *only* reference to 'float' or 'double'
in the entire include/*.h tree is a "typedef double SshTimeT;". Since a sane
key wont fit in an int, float, or double, it's all done using integer/logical
operations on arrays (more or less).
I just retired an IBM RS6000/350 - that had a whole whopping 50mz Power
chipset in it, and ran ssh2 just fine. I know that the model 220 was a 33MHz
ppc 601 chipset, and that did SSH without burping too (The 601 chipset was
also used in the Macintosh 6600 machines).
If it's got enough CPU to connect to an SSL webpage, it's got enough for SSH.
--==_Exmh_-1899979429P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAv5kHcC3lWbTT17ARAqR9AJ9m8gnXLxsJ4TrQjzw+zicStV/hawCfQAQM
lZypCaiMiBXTyW9/I1zBE2I=
=Lb4O
-----END PGP SIGNATURE-----
--==_Exmh_-1899979429P--
