Hello Folks,
I hate to beat an already "terribly beaten horse" but I'd like to say
that I would like the null cipher option to be available. The reason
being is that working for a WAN optimization company, the need to "see"
the unencrypted traffic is paramount in order to reduce SSH's network
Hello Folks,
I hate to beat an already "terribly beaten horse" but I'd like to say
that I would like the null cipher option to be available. The reason
being is that working for a WAN optimization company, the need to "see"
the unencrypted traffic is paramount in order to reduce SSH's network
I just want to say that I need this too... Please. It's not that
terribly hard.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none'
I just want to say that I need this too... Please. It's not that
terribly hard.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none' cipher
To manage
No. My statements in comment #16 stand; this needs to go upstream
*first*.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none' cipher
No. My statements in comment #16 stand; this needs to go upstream
*first*.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none' cipher
To manage
Is there any chance this might hit 11.10?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none' cipher
To manage notifications about this
Is there any chance this might hit 11.10?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/54180
Title:
[rfe] sshd ought to support 'none' cipher
To manage notifications about this bug go to:
I want to see this in ubuntu 10.04, i need none cipher in my enterprise
env. please add none patch
--
[rfe] sshd ought to support 'none' cipher
https://bugs.launchpad.net/bugs/54180
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh
I want to see this in ubuntu 10.04, i need none cipher in my enterprise
env. please add none patch
--
[rfe] sshd ought to support 'none' cipher
https://bugs.launchpad.net/bugs/54180
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
I find it frustrating when those that don't understand the value of
something patently reject it without research. FTP and other protocols
make use of kerberos to authenticated securely then transmit the data in
plaintext. This should be trivial to do in ssh, especially if using
RSA/DSA key
fusiondog: Could I recommend that you consider doing something positive?
If you are willing to work with upstream (that is, with the developers
of openssh) to get this option included by default in their released
source code, that would make getting it included into future releases of
Ubuntu
I find it frustrating when those that don't understand the value of
something patently reject it without research. FTP and other protocols
make use of kerberos to authenticated securely then transmit the data in
plaintext. This should be trivial to do in ssh, especially if using
RSA/DSA key
fusiondog: Could I recommend that you consider doing something positive?
If you are willing to work with upstream (that is, with the developers
of openssh) to get this option included by default in their released
source code, that would make getting it included into future releases of
Ubuntu
Problem is that SSH performance is still 10-30x slower with encryption.
On a 3.6GHz Intel Penryn with plenty of memory bandwidth [1], we see
around 67MB/s - 109MB/s [2]. Moving from 'secret' aes-128-cbc (the
default) to 'top-secret' aes-256-cbc (the most secure) is almost free.
Moving from MD5
This is the 'none' cipher patch:
http://www.psc.edu/networking/projects/hpn-ssh/openssh5.1-dynwindow_noneswitch.diff.gz
(from http://www.psc.edu/networking/projects/hpn-ssh/)
Since security is so critical, perhaps we should defer judgement to the
OpenSSH mailing lists?
--
[rfe] sshd ought to
Problem is that SSH performance is still 10-30x slower with encryption.
On a 3.6GHz Intel Penryn with plenty of memory bandwidth [1], we see
around 67MB/s - 109MB/s [2]. Moving from 'secret' aes-128-cbc (the
default) to 'top-secret' aes-256-cbc (the most secure) is almost free.
Moving from MD5
This is the 'none' cipher patch:
http://www.psc.edu/networking/projects/hpn-ssh/openssh5.1-dynwindow_noneswitch.diff.gz
(from http://www.psc.edu/networking/projects/hpn-ssh/)
Since security is so critical, perhaps we should defer judgement to the
OpenSSH mailing lists?
--
[rfe] sshd ought to
** Changed in: openssh (Debian)
Status: Confirmed = Won't Fix
--
[rfe] sshd ought to support 'none' cipher
https://bugs.launchpad.net/bugs/54180
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
For what it's worth, despite claims I've heard to the contrary, this is
not something that has been intentionally disabled versus upstream by
the Debian/Ubuntu packaging, it's not a configure option, and it's not a
trivial one-line change. At minimum, I'd want to disable password
authentication
(Claims that this is a configure option date from SSH1; this option was
removed by upstream a long time ago.)
** Changed in: openssh (Ubuntu)
Importance: Undecided = Wishlist
Status: Unconfirmed = Confirmed
--
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
** Also affects: debian-installer (upstream)
Importance: Untriaged
Status: Unconfirmed
--
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Rejecting bogus task.
** Changed in: debian-installer (upstream)
Status: Unconfirmed = Rejected
--
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
** Changed in: openssh (Debian)
Status: Unknown = Confirmed
--
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
** Bug watch added: Debian Bug tracker #13389
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=13389
** Also affects: openssh (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=13389
Importance: Unknown
Status: Unknown
--
[rfe] sshd ought to support 'none' cipher
I am very unconvinced about this (none implies that *authentication*
happens in plaintext, as far as I know!). I recommend that people
wanting performance use the blowfish-cbc cipher.
--
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
--
ubuntu-bugs mailing list
26 matches
Mail list logo
