[Bug 877] ssh 3.8.1p1 client cannot disable encryption with "-c none"

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jun 7 19:25:33 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=877





------- Additional Comments From djm at mindrot.org  2004-06-07 19:25 -------
Running ssh protocol 2 without a MAC renders sessions vulnerable to active as
well as passive attacks.

Therefore, the chances of us implementing the "none" MAC are even less than that
of the "none" cipher. Feel free to patch your own OpenSSH distribution, but
don't say we didn't warn you.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list