Hi,
Since scp uses the ordinary ssh-client to establish a shell, enabling
encryption type 'none' for users to do scp is like enabling rsh. However
if your users use RSA-authentication it is not too bad to do this since
noone can see anything critical going across the line. About hijacking the
connection, that's a harder issue, since the connection is not encrypted
there is nothing protecting you from tcp-hijacking (after the
authentication has been done) so that is your only concern in this
scenario (given you use RSA authentication).
Cheers,
/Mats
On Sun, 5 Dec 1999, Roy S. Rapoport wrote:
>
> I've got a user who would like me to enable encryption type none so
> they can do faster file copies via scp.
>
> The files they're copying are not sensitive. My concern is whether
> or not using encryption type none will geopardize the actual
> session and make it more vulnerable to hijacking or make it easier
> to attack the host.
>
> Thoughts?
>
> -roy
>
