There has been found and bug in the ssh 3.0.1 to 3.1.0 series. And if you look in ssh2 ports dir, you will see it juse 3.1.0. If you dont conf your config file right, you would be vuln to this bug. Read about it here http://online.securityfocus.com/archive/1/273840/2002-05-23/2002-05-29/0 http://www.ssh.com/products/ssh/advisories/authentication.cfm The maintainer of this port has also been notified about this problem. So at last, i would like to have this port marked as forbidden. And the maintainer shuld update it ! Fix: Either conf your config file right. Patch your current ssh, or you shuld upgraded to the newest version. That is 3.1.2 at this time. How-To-Repeat: Install ssh2 3.1.0 and juse standar conf ? ;)
I don't believe this is actively maintained anymore, everyone should be using openssh. If you would care to submit a diff to upgrade this to the latest version and the maintainer doesn't respond for a few weeks we can upgrade it. If you don't, and the maintainer doesn't respond, nothing is likely to happen.
This is a multi-part message in MIME format.
State Changed From-To: open->closed Update committed, thanks for the problem report + the patch.