[Bug 877] ssh 3.8.1p1 client cannot disable encryption with "-c none"

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jun 8 10:12:32 EST 2004


------- Additional Comments From djm at mindrot.org  2004-06-08 10:12 -------
> (2) If security beyond the VPN concentrators is of concern, the sysadmins
>    can refrain from allowing the "none" cipher on sshd.

How do you know when you are beyond a VPN perimeter? How do you know some
routing screwup isn't exposing your traffic? How do you know some malicious
insider isn't sniffing? How do you know that the user won't forget that the
channel is not encrypted and accidentally type a root password into "su"?

> (3) Ultimately, the judgement should lie with the user. When he uses "-c none"
>    he understands the associated security risks. Users should control the
>    policy. A seasoned user can then effectively use it to his/her advantage.
> (4) Naive users would be protected if the defaults are reasonable and
>     the option to do "none" is arcane and possibly not listed in the manpage.
>     (Even the cipher arcfour is not listed in the manpage for ssh).

A non-naive user can patch their OpenSSH installation. I believe that is a much
more appropriate demonstration of their competence and their acceptance of the
consequent risk.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list