From: Daniel Pittman Date: 03:48 on 11 Dec 2003 Subject: OpenSSH and it's built-in denial of service "feature" ...I hate OpenSSH. It's sure nice to have a free SSH server and all, but it is *so* full of hateful half-complete features. In this case, we need to use password expiration on our systems, because company policy demands it. So, we enable this. Life is good.[1] Then a password expires. Fine, whatever. So, user tries to log in to the master server where they need to change the password.[2] OpenSSH knows that the password is expired, so they are not permitted to log in. That is a fine feature, except... ...OpenSSH does not implement changing passwords. Oh, yes, it can tell you to sod off if your password is now expired, because that is so useful, especially when that is the only way to get in to the machine to change the password. Advice to programmers: if you want to leave your feature half finished, do it is a way that isn't going to suddenly impale someone through the heart and have them bleed to death. At least the server isn't in the data center in Kansas yet... Daniel Footnotes: [1] Well, the interface is hateful, and distributing passwords across machines is hateful, but not quite as hateful as OpenSSH. [2] See point one. All distributed password systems suck.
From: peter (Peter da Silva) Date: 12:22 on 11 Dec 2003 Subject: Re: OpenSSH and it's built-in denial of service "feature" > ...I hate OpenSSH. It's sure nice to have a free SSH server and all, > but it is *so* full of hateful half-complete features. I hate SSH because it's got a fundamentally broken design. I hate the official implementation of SSH because it deliberately makes it as hard as possible to set up a server that's compatible with all the variants of sshv1 and sshv2 clients out there. Thanks for completing the unholy trinity with a new chunk of evil for OpenSSH. If only I didn't hate all the alternatives to SSH even more... > [2] See point one. All distributed password systems suck. Almost there! "All software sucks". Live it! Be it! Is it in you?
Generated at 10:27 on 16 Apr 2008 by mariachi