On 2025/09/04 14:46, Rene Malmgren wrote: > I did link to Dropbear in my latest post, but I would not say that > Dropbear is a good replacement for every use case. yes, it's a good fit in some circumstances (as is tinyssh) but is quite limited, and I don't think it's likely to have been through anything like the analysis that OpenSSH has been through (e.g. consider the lovely detailed write-ups from Qualys for the things which they've investigated and found issues with - and think how much more investigation must have been done that hasn't resulted in anything that could be written up...) > Now from my perspective I would say that there is demand for a better > version of SSH on the market, since almost every developer uses it, > and its use everywhere, including airports, banks, crypto exchanges > and so on. "on the market" is an interesting term here - I don't think I would want to be trusting something like this software to market forces. I'd expect actual security and careful design to take a backseat to tickbox marketing items. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
