"cipher none" alternatives ?

David Terrell dbt at meat.net
Tue Mar 20 13:25:22 EST 2001

On Sat, Mar 17, 2001 at 05:11:34PM -0800, Dan Kaminsky wrote:
> > "scp -c none with RSA authentication"
> >
> > does not protect the integrity of the data you transfer.
> Markus--
>     Say I did something like(yes, I know this wouldn't work out of the box):
>     ssh -2 -oCiphers none -oMACs hmac-md5 user at host tar czf - bigdir/ | tar
> xzvf -
>     Would this maintain packet integrity while maximizing transmission
> speed?
>     Is there any argument for supporting arcfour in SSH2 but *not* SSH1?

Yes, the security problems in ssh1 (the weak CRC) are more easily
exploited with [A]RC4.

David Terrell            | "Instead of plodding through the equivalent of
Prime Minister, NebCorp  | literary Xanax, the pregeeks go for sci-fi and
dbt at meat.net             | fantasy:  LSD in book form." - Benjy Feen,
http://wwn.nebcorp.com   | http://www.monkeybagel.com/ "Origins of Sysadmins"

More information about the openssh-unix-dev mailing list