Cipher 'none'

Edward Avis epa98 at doc.ic.ac.uk
Fri Oct 13 23:35:27 EST 2000 

By making a one-line change it is possible to enable the cipher 'none'
in openssh.  But you still have to ask for it explicitly, either by
adding it to /etc/ssh/ssh_config or by giving the '-c none' option to
ssh.

I think that this 'feature' should be turned back on, because for slow
machines or large file transfers, using encryption slows things down a
lot.  This means that you have to resort to rcp or ftp to get
things working at a reasonable speed, which is a bad habit for the users
to get into.

It's understandable to disable weak ciphers like DES - and even weaker
ones like 'none' :-) - to improve security.  But it doesn't improve
security if it pushes people back into the arms of telnet and rsh.  For
many networks, eavesdropping is not a serious problem - think of a home
network or even a small office.  In an ideal world you'd have strong
encryption even across these links, but in practice not every machine is
fast enough to do this and still get work done.

(My situation is a 386SX-16 as an X terminal over a small 
Ethernet.  I've set things up so that no encryption is used for
the four or five hosts on this closed network, but if ssh is used over
the Internet (via a modem link) it uses Blowfish or triple-DES.  Then
the users just remember one command, and it's secure when it needs to
be and fast when it can be.)

Protecting the users from themselves can only go so far.  If somebody
has deliberately enabled none in the configuration file or on the
command line, and has chosen to ignore the warning messages printed by
ssh, they probably know what they want.

Compare 'no encryption' with the FallBackToRsh option in the
configuration file.  Using rsh is insecure and so it is disabled by
default, and rightly so.  But if the user is prepared to sacrifice some
security for convenience, the option is there - but it must be turned on
deliberately.  If you feel that support for the cipher 'none' should not
be included in the ssh libraries, shouldn't falling back to rsh also be
disabled?

-- 
Ed Avis
epa98 at doc.ic.ac.uk

More information about the openssh-unix-dev mailing list