North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IT security people sleep well
On Thu, 03 Jun 2004 13:16:44 PDT, Eric Kuhnke <email@example.com> said: > The part about Telnet is truly scary... Among people who have "clue", > the biggest reason I have heard to continue running ssh1 is for > emergency access via hand-held smartphones or other pocket sized > devices. The Handspring Treo 180 and similar keyboarded cellphone-pda > devices don't have the CPU power necessary for a SSH2 key exchange, > unless I'm drastically mistaken about the FPU abilities of a 33 MHz > Motorola Dragonball... Unless the Dragonball is an 8-bit CPU, it shouldn't be *too* painful - looking at the ssh 126.96.36.199 tree from ssh.com, the *only* reference to 'float' or 'double' in the entire include/*.h tree is a "typedef double SshTimeT;". Since a sane key wont fit in an int, float, or double, it's all done using integer/logical operations on arrays (more or less). I just retired an IBM RS6000/350 - that had a whole whopping 50mz Power chipset in it, and ran ssh2 just fine. I know that the model 220 was a 33MHz ppc 601 chipset, and that did SSH without burping too (The 601 chipset was also used in the Macintosh 6600 machines). If it's got enough CPU to connect to an SSL webpage, it's got enough for SSH.