Cipher 'none'
Damien Miller
djm at mindrot.org
Sat Oct 14 13:38:06 EST 2000
On Fri, 13 Oct 2000, Edward Avis wrote:
> By making a one-line change it is possible to enable the cipher 'none'
> in openssh. But you still have to ask for it explicitly, either by
> adding it to /etc/ssh/ssh_config or by giving the '-c none' option to
> ssh.
>
> I think that this 'feature' should be turned back on, because for slow
> machines or large file transfers, using encryption slows things down a
> lot. This means that you have to resort to rcp or ftp to get
> things working at a reasonable speed, which is a bad habit for the users
> to get into.
It is a bad habit to have unencrypted data on your network full stop :)
Seriously, some of the ciphers offered by SSH2 are pretty fast. These
are the times it took to scp a 100Mb file to /dev/null via ssh2 over
localhost:
P166
3des-cbc: 232 sec 431kbps
blowfish-cbc: 90 sec 1.1Mbps
arcfour: 71 sec 1.4Mbps
P3/700
3des-cbc: 47 sec 2.1Mbps
blowfish-cbc: 18 sec, 5.5Mbps
cast128-cbc: 18 sec, 5.5Mbps
arcfour: 12 sec 8.3Mbps
-d
--
| ``The power of accurate observation is | Damien Miller <djm at mindrot.org>
| commonly called cynicism by those who | @Work <djm at ibs.com.au>
| have not got it'' - George Bernard Shaw | http://www.mindrot.org
More information about the openssh-unix-dev
mailing list