On Mon, Feb 05, 2001 at 10:21:20AM -0500, Todd Short wrote:
> Instead of questioning the motives, I'm going to actually answer the
> question.
>
> Using DataFellows/ssh.fi's SSH, it is possible to configure ssh to use
> "None" encryption.
> You must explicitly indiate "None" encryption using -C option when running
> the SSH client.
>
> I have ported SSH to a non-unix/PC platform, and I needed to use the None
> encryption option
> in order to get it to work.
May be I'm wrong, but doesn't ssh 'with NONE' switch of encryption ENTIRELY?
So it SHOWS the negotiation of the password to the outside(?)...
May be it is safe enough if you authenticate only by the hostkeys,
so only public Keys go over the net and are compared to some local
data.
I prefer to ssh to someplace, then use 'netcat' to transfer with maximum
speed from or to that place. So the password and commands are safe
and the data ist fast. Highjacking would be possible, so we'll risk
a DOS-able Disk-backup or somebody can steal data. The latter is possible
anyway as we use NFS, so this method is 'as (un)safe as normal work'
but the 'simple sniffer' doesn't get at root-passwords f'as fast. Only
someone 'really clever' will be able to first catch a random Socket,
then fill in something which fits into the dump/tar/whatever-tapes
and then wait until I reload exactly, whatever was sent to me :-)
Just an idea, half tested, half on my todolist.
Stucki
--
Christoph von Stuckrad * * | nickname | <[EMAIL PROTECTED]> \
Freie Universitaet Berlin |/_* | 'stucki' | Tel(days):+49 30 838-75 459 |
Fachbereich Mathematik, EDV |\ * | if online | Tel(else):+49 30 77 39 6600 |
Arnimallee 2-6/14195 Berlin * * | on IRCnet | Fax(alle):+49 30 838-75454 /
