patch adding none cipher/mac for ssh v2
Ed Avis
ed at membled.com
Sun Nov 14 00:21:45 EST 2004
Douglas E. Engert wrote:
>So why do you need ssh without encryption? Won't telnet or rsh do
>just as well?
This is just a personal preference but I'd rather not use telnet or
rsh for anything. They are crusty. Much better to use ssh all the
time - only one daemon to run instead of two, only one command to run.
Anything that helps get rid of telnet and rsh is a good thing!
Those are my subjective feelings. A more rational explanation is to
say that the ssh and sshd code is of good quality and well audited for
security holes. You can't be so confident about rshd or telnetd. If
you want a remote connection without encryption, ssh is certainly a
more secure way to do the job than any of the old stuff.
Users who ask for ssh with 'none' encryption are paying the openssh
developers a compliment by showing that ssh is worth using for its
code quality and ease-of-use alone, even without the added security of
strong encryption.
--
Ed Avis <ed at membled.com>
More information about the openssh-unix-dev
mailing list