Helsinki, Finland -
March 2, 2006
SSH Tectia Newsletter Vol.20 - Tatu Ylonen in RSA Conference, San Jose
SSH Communications Security >> http://www.ssh.com
======================================================
[ SSH TECTIA NEWSLETTER (VOLUME 20) ] < March 2, 2006 >
======================================================
* Product News (1) - SSH Tectia Manager 2.1.2 Released
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SSH Tectia Manager 2.1.2 maintenance update was released on February 24, 2006. The changes are:
For more details on the release, please read the release notes at
http://www.ssh.com/support/documentation/release_notes/.
For more product information, please see http://www.ssh.com/products/tectia/manager/.
*Important notice to our maintenance customers: As our maintenance customer, you are entitled to upgrade to SSH Tectia Manager 2.1.2 from your existing product versions. You can download the new installation packages from SSH Customer Download Center at https://downloads.ssh.com. Please log in with your e-mail address. Your password has been provided to you earlier.
* Product News (2) - SSH Tectia Server 4.3/4.4 SFTP Vulnerability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A vulnerability has been found in the SFTP server (sftp-server) component of SSH Tectia Server 4.4.0 and earlier. If you are running an affected product version, please read through the news in the below link carefully, evaluate the exposure in your environment, and implement the fix based on the implications.
http://www.ssh.com/company/newsroom/article/715/
* Company News - Tatu Ylönen in RSA Conference, San Jose
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tatu Ylönen, the developer of the Secure Shell protocol and the founder of SSH Communications Security, gave a presentation on February 14 in the RSA Conference in San Jose. The presentation covered how the growing use of integrated, complex applications has made cyberspace more dangerous, blunting the effectiveness of perimeter security. Coverage of Tatu's presentation and an interview can be found on the following sites:
SearchSecurity.com:
http://searchsecurity.techtarget.com/qna/0,289202,sid14_gci1164801,00.html
TG Daily:
http://www.tgdaily.com/2006/02/15/tatu_ylonen_interview_rsa_2006/
* Tips & Tricks: SSH Tectia Server in Cluster Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When SSH Tectia Server is installed on a host that is part of clustering or a high-availability setup, the identity of the server host has to be taken into consideration.
One option is to use the same hostkey pair of the primary SSH Tectia Server host also on the secondary SSH Tectia Server host(s). The important thing with this approach is that the private key of the primary host has to be transferred securely to the secondary host(s).
Another option that enables using individual identities for each host also in cluster environments is to use host certificates instead of hostkeys. For example, the Internal Certification Authority of SSH Tectia Manager can be used to issue host certificates for SSH Tectia Server on managed hosts in the SSH Tectia Client/Server environment.
For more information, please see our Knowledge Base article ID 22233, "How to configure SSH Tectia Server in a cluster or high availability setup".
Knowledge Base articles for SSH Tectia products are available at our support site http://support.ssh.com. From the main menu, select"Knowledge Base", and then type in the article ID number.
* Most Popular Documents Available at SSH Resource Center
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**NEW! Data Sheet: SSH Tectia Server for IBM Mainframes
http://www.ssh.com/products/material/datasheet/
**White Paper: Protecting Cardholder Data in Transit with SSH Tectia
http://www.ssh.com/campaign/pci/newsletter.html
**White Paper: Replacing FTP and Telnet in Cross-Platform Networks
http://www.ssh.com/campaign/ftpwp/newsletter.html
* Trade Shows & Events
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Upcoming events:
* SSH Headlines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
February 23, 2006
SSH Communications Security Named as a 2006 "Hot Companies" Award Winner by Info Security Products Guide
http://www.ssh.com/company/newsroom/article/717/
February 23, 2006
SC Magazine Selects SSH as Finalist for "Best Security Company USA" and "Best Security Solution USA" Awards
http://www.ssh.com/company/newsroom/article/716/
January 9, 2006
Secure Shell Reaches Proposed Standard Status in the IETF
http://www.ssh.com/company/newsroom/article/700/
======================================================
# SSH Tectia Newsletter Mailing List #
------------------------------------------------------
This e-mail has been sent to evaluators of SSH products and others who have been in contact with us in the past and who have agreed that we send you the SSH Tectia Newsletter.
To unsubscribe from the mailing list, send a blank e-mail to from the e-mail account you wish to unsubscribe , or visit http://www.ssh.com/company/newsroom/unsubscribe.mpl.
# SSH Security & Release Alert Mailing List #
-------------------------------------------------------
If you would like to receive security alerts and notices about new version releases of SSH products, please subscribe to SSH Security & Release Alert mailing list at http://www.ssh.com/company/newsroom/subscribe.mpl.
=======================================================
Sincerely,
SSH Communications Security >> http://www.ssh.com
======================================================
[ SSH TECTIA NEWSLETTER (VOLUME 20) ] < March 2, 2006 >
======================================================
- Product News (1) - SSH Tectia Manager 2.1.2 Released
- Product News (2) - SSH Tectia Server 4.3/4.4 SFTP Vulnerability
- Company News - Tatu Ylönen in RSA Conference, San Jose
- Tips & Tricks
- Most Popular Documents at SSH Resource Center
- Trade Shows & Events
- SSH Headlines
- Subscribing & Unsubscribing to Mailing Lists
* Product News (1) - SSH Tectia Manager 2.1.2 Released
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SSH Tectia Manager 2.1.2 maintenance update was released on February 24, 2006. The changes are:
- Initial Deployment of the Management Agent via Telnet now correctly fails after a few 2-minute timeouts.
- Fixed an issue that caused data to be incorrectly read from an Oracle Management Database if it had not been configured to use the correct character set.
For more details on the release, please read the release notes at
http://www.ssh.com/support/documentation/release_notes/.
For more product information, please see http://www.ssh.com/products/tectia/manager/.
*Important notice to our maintenance customers: As our maintenance customer, you are entitled to upgrade to SSH Tectia Manager 2.1.2 from your existing product versions. You can download the new installation packages from SSH Customer Download Center at https://downloads.ssh.com. Please log in with your e-mail address. Your password has been provided to you earlier.
* Product News (2) - SSH Tectia Server 4.3/4.4 SFTP Vulnerability
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A vulnerability has been found in the SFTP server (sftp-server) component of SSH Tectia Server 4.4.0 and earlier. If you are running an affected product version, please read through the news in the below link carefully, evaluate the exposure in your environment, and implement the fix based on the implications.
http://www.ssh.com/company/newsroom/article/715/
* Company News - Tatu Ylönen in RSA Conference, San Jose
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tatu Ylönen, the developer of the Secure Shell protocol and the founder of SSH Communications Security, gave a presentation on February 14 in the RSA Conference in San Jose. The presentation covered how the growing use of integrated, complex applications has made cyberspace more dangerous, blunting the effectiveness of perimeter security. Coverage of Tatu's presentation and an interview can be found on the following sites:
SearchSecurity.com:
http://searchsecurity.techtarget.com/qna/0,289202,sid14_gci1164801,00.html
TG Daily:
http://www.tgdaily.com/2006/02/15/tatu_ylonen_interview_rsa_2006/
* Tips & Tricks: SSH Tectia Server in Cluster Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When SSH Tectia Server is installed on a host that is part of clustering or a high-availability setup, the identity of the server host has to be taken into consideration.
One option is to use the same hostkey pair of the primary SSH Tectia Server host also on the secondary SSH Tectia Server host(s). The important thing with this approach is that the private key of the primary host has to be transferred securely to the secondary host(s).
Another option that enables using individual identities for each host also in cluster environments is to use host certificates instead of hostkeys. For example, the Internal Certification Authority of SSH Tectia Manager can be used to issue host certificates for SSH Tectia Server on managed hosts in the SSH Tectia Client/Server environment.
For more information, please see our Knowledge Base article ID 22233, "How to configure SSH Tectia Server in a cluster or high availability setup".
Knowledge Base articles for SSH Tectia products are available at our support site http://support.ssh.com. From the main menu, select"Knowledge Base", and then type in the article ID number.
* Most Popular Documents Available at SSH Resource Center
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**NEW! Data Sheet: SSH Tectia Server for IBM Mainframes
http://www.ssh.com/products/material/datasheet/
**White Paper: Protecting Cardholder Data in Transit with SSH Tectia
http://www.ssh.com/campaign/pci/newsletter.html
**White Paper: Replacing FTP and Telnet in Cross-Platform Networks
http://www.ssh.com/campaign/ftpwp/newsletter.html
* Trade Shows & Events
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Upcoming events:
- Seattle, Washington, USA: SHARE User Event, March 6 - 8
- Hannover, Germany: CeBIT 2006, March 9 - 15
- Bangkok, Thailand: Security Summit 2006, March 13
* SSH Headlines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
February 23, 2006
SSH Communications Security Named as a 2006 "Hot Companies" Award Winner by Info Security Products Guide
http://www.ssh.com/company/newsroom/article/717/
February 23, 2006
SC Magazine Selects SSH as Finalist for "Best Security Company USA" and "Best Security Solution USA" Awards
http://www.ssh.com/company/newsroom/article/716/
January 9, 2006
Secure Shell Reaches Proposed Standard Status in the IETF
http://www.ssh.com/company/newsroom/article/700/
======================================================
# SSH Tectia Newsletter Mailing List #
------------------------------------------------------
This e-mail has been sent to evaluators of SSH products and others who have been in contact with us in the past and who have agreed that we send you the SSH Tectia Newsletter.
To unsubscribe from the mailing list, send a blank e-mail to from the e-mail account you wish to unsubscribe , or visit http://www.ssh.com/company/newsroom/unsubscribe.mpl.
# SSH Security & Release Alert Mailing List #
-------------------------------------------------------
If you would like to receive security alerts and notices about new version releases of SSH products, please subscribe to SSH Security & Release Alert mailing list at http://www.ssh.com/company/newsroom/subscribe.mpl.
=======================================================
Sincerely,
SSH Communications Security >> http://www.ssh.com
© 2006 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.