Optional 'test' or benchmark cipher

Linda Walsh open-ssh at tlinx.org
Wed Jan 16 14:46:34 EST 2008


I hope this is the right list, as I'm desiring a feature addition
in openssh.  I would like the option to have a 'null' cipher (after
the initial authorization, similar to 'delayed' for compression).
It would have to be enabled on both client and server and server
would never use it unless it was both enabled and asked for by
the client. 

I'd strongly prefer it be able to be enabled on a per-host
basis on both client and server rather than a global (that may
be the default way to treat all ciphers, but not sure).

I'd like to use it primarily for internal benchmarks, though
I suppose if the password is encrypted, one might be able to
transfer non-sensitive or pre-encrypted data over the larger
net.  Virtually all of my machines seem to be cpu bound (even
though 1 pair of newer machines shouldn't be; Not quite sure
why I'm not getting more throughput there (yet).

Anyway -- being able to "drop" the encryption entirely and
use a straight-through connection for the data (emphasizing
that I'd prefer not sending cleartext passwords).  Keeping
the password encrypted allows wider usage across the
internet of pre-encrypted or non-sensitive, compressed
data.

(I'm sorta surprised a null algorithm hasn't already been
made available, at least for testing during development.)

Hopefully it wouldn't be thought of as a security risk with
the appropriate safeguards in place.

Linda Walsh



More information about the openssh-unix-dev mailing list