[Biojava-l] CVS difficulties & SSH changes (need feedback)

Chris Dagdigian dag@sonsorol.org
Mon, 12 Feb 2001 16:16:04 -0500 

Folks,

While doing some general system and security upgrades on our servers (the 
main one and the anonymous CVS server). I ended up upgrading our SSH daemon 
to SSH 2.4.0 and in the process I have altered the configuration so that 
connections via the SSH1 protocol are now no longer allowed.

The decision to turn off SSH1 support was made arbitrarily by me :) for 
system security reasons. The SSH1 protocol is being retired and has been 
described as having very serious non-fixable security holes. You can read 
what the ssh.com people have to say about the many vulnerabilities at: 
http://www.ssh.com/products/ssh/cert/

What this means is that we should all be using SSH2 to connect. I have 
verified that on unix the OpenSSH  (www.openssh.com) client code has no 
trouble at all in connecting to our server (both for login and cvs 
commands) for both Linux and OpenBSD. On Windows I've verified that at 
least the freeware Putty SSH2 client works just fine (as long as you tell 
it to use ssh2).

There is one problem that is still unresolved -- it seems that disabling 
SSH1 support has broken CVS access for at least 2 of our users who are 
using Windows based CVS client software. This is obviously not cool and I'm 
still trying to figure out what is going on.

This is where I need some help:

o If you have any problems with CVS-via-SSH on unix please let me know 
directly or email the server admin's at root-l@bioperl.org

o If you are a Windows CVS client user and are not having problems please 
let me or root-l@bioperl.org know so that we can help others out.

o If you are a Windows CVS client user who cannot currently use CVS drop me 
a note so that I can ensure you get notified of any eventual fixes.

I'm very sorry about the inconvenience this may be causing our developers, 
especially as several projects are nearing release dates.

Regards,
Chris







Chris Dagdigian -- Blackstone Technology Group
(Work  ) dagdigian@computefarm.com  (Home) dag@sonsorol.org
(Web   ) http://ComputeFarm.com, http://open-bio.org, http://www.sonsorol.org
(More  ) Full contact info and schedule -- www.sonsorol.org/dag/contact.html