Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

No, they aren't related at all. OpenSSH is everyone's poster child for a good, open implementation of a security protocol.


For some values of "everyone"

Rob Pike Responds - Slashdot

18 Oct 2004 ... ... but when ssh is the foundation of your security architecture, you know things aren't working as they should

http://slashdot.org/story/50858


I don't think he was impugning SSH's security record at all: just the perceived abuse of the protocol.

The entire quote, in context:

10) Biggest problem with Unix - by akaina

Recently on the Google Labs Aptitude Test there was a question: "What's broken with Unix? How would you fix it?"

What would you have put?

Pike:

Ken Thompson and I started Plan 9 as an answer to that question. The major things we saw wrong with Unix when we started talking about what would become Plan 9, back around 1985, all stemmed from the appearance of a network. As a stand-alone system, Unix was pretty good. But when you networked Unix machines together, you got a network of stand-alone systems instead of a seamless, integrated networked system. Instead of one big file system, one user community, one secure setup uniting your network of machines, you had a hodgepodge of workarounds to Unix's fundamental design decision that each machine is self-sufficient.

Nothing's really changed today. The workarounds have become smoother and some of the things we can do with networks of Unix machines are pretty impressive, but when ssh is the foundation of your security architecture, you know things aren't working as they should.


He just didn't say so in that interview, however :

From: 9fans@cse.psu.edu (rob pike)

Date: Mon, 1 Jan 2001 09:37:12 -0500

Subject: [9fans] Re: The problem with SSH2

Message-ID: <20010101143731.DB61F199E7@mail.cse.psu.edu>

My disagreement with SSH is more specific. It is a securitymonger's plaything, so has been stuffed with every authentication and encryption technology known, yet those that are configured when it is installed is a random variable. Therefore both sides must negotiate like crazy to figure how to talk, and one often finds that there is no shared language. This is idiocy. The complexity is silly, but much worse is that there isn't at least one guaranteed protocol for authentication and encryption that both ends always have and can use as a fallback. I would argue that that would always be sufficient, but I know I'm in the minority there. I do argue that it's demonstrably necessary.

Algorithms everywhere, and not a byte to send.

By making the thing too complicated, they defeat the very purpose of security. Difficult administration results in incorrect or inadequate installation. There are cases when I can't use ssh, a direct consequence.

-rob

Russ Cox chimes in

we're stuck with ssh, but let's not delude ourselves into thinking it's a good protocol.

(i'm talking about ssh1; ssh2 looks worse.)

russ


Thanks, that makes more sense.


How does Plan 9 address this, exactly? It doesn't seem much different than Unix's networking.


https://en.wikipedia.org/wiki/9P

also http://plan9.bell-labs.com/sys/doc/auth.html


That's not a criticism of OpenSSH itself, but of the way Unix systems hadn't progressed from being a set of standalone systems to one networked system. The mention of SSH is not as a criticism of the protocol or OpenSSH. It's a criticism of the Unix world's lack of progress in moving towards what Pike sees as a better way of building large systems.


Thanks for posting that, is a damn good read.


That's not related to the previous post. He's talking about code, Rob Pike is talking about protocol.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: