No warning message is displayed for "none" cipher

ponraj tryponraj at gmail.com
Fri Jan 5 22:22:06 EST 2007


Hello all,


I tried to connect to the server that supports protocol 1:

# ssh -1 -o "cipher none" remotehost
<No valid SSH1 cipher, using 3des instead>

As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage.
try_challenge_response_authentication() {
....
                if (options.cipher == SSH_CIPHER_NONE)
                        logit("WARNING: Encryption is disabled! "
                            "Response will be transmitted in clear text.");
}

try_password_authentication() {
...
        if (options.cipher == SSH_CIPHER_NONE)
                logit("WARNING: Encryption is disabled! Password will be transmitted in clear text.");
}

But "none" cipher is skipped during "invalid" cipher testing and the actual cipher for the connection is set to default cipher type.If it is the case, I would like to know how to alert the user about the "none" cipher usage. If such warnings are not required why or for what purpose does the code check the "none" cipher usage during password and challenge response authentication ?


regards
Ponraj M


More information about the openssh-unix-dev mailing list