I have not found security holes in ssh-1.2.14, which is the version I've looked at most in depth. However, I have found things that are disquieting, and as such assume that clever professionals with time available might be able to exploit something. 'Standard' hackers with toolkits are likely to move to the next site. Adam Chad Dougherty wrote: | Adam Shostack writes: | > Theres a windows version, mac is under vauge development. SSH | > is pretty cool, but the code base is somewhat messy, and its shows | > signs of its origins in things like systems calls not having their | > return values checked. | > | > Despite all this, I use it, like it, and recomend it for use | > in systems not likely to come under attack by professionals. | > | > Adam | > | | Why do you say "not likely to come under attack by professionals"? | Have you found security holes in it? | | -Chad -- "It is seldom that liberty of any kind is lost all at once." -Hume