Can we disable SSH compression by default?

Yegor Ievlev koops1997 at
Sat Feb 16 23:29:18 AEDT 2019

Compressing data before encryption may be dangerous; for example,
CRIME, BREACH and VORACLE. Can compression be disabled by default in
OpenSSH, only being enabled if the user requests it?

Another scenario when SSH compression may be bad is the use of commands
like tar cz | ssh root@remote "tar xz", which seem pretty common. If
SSH compression is enabled, data will be (wastefully) compressed

More information about the openssh-unix-dev mailing list
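The two effects the message raises, measured with zlib (the DEFLATE family that both gzip and SSH compression use), as an added example that is not part of the original post. The secret, the word list and the record layout are constructed for illustration, and the code assumes the cipher applied after compression adds only constant overhead, so ciphertext length tracks compressed length.

```python
import random
import zlib

# Constructed sample values; nothing here comes from a real session.
SECRET = b"token=Zq7Lm2Xc9Rv4Bt8Ny1Kd6Hs3"
UNRELATED = b"0a1b2c3d4e5f6g7h8i9jAkBlCmDnEo"  # same length, shares no substring
WORDS = ["packet", "channel", "window", "kex", "cipher", "mac", "host",
         "key", "rekey", "banner", "session", "forward", "agent", "subsystem"]


def compressed_len(body: bytes) -> int:
    """Size of one compressed record that carries SECRET next to `body`.

    Assumption: encryption happens after this step and preserves length up
    to a constant, so a network observer learns this number.
    """
    record = b"hdr: " + SECRET + b"\nbody: " + body + b"\n"
    return len(zlib.compress(record, 9))


def length_leak() -> tuple:
    """Compare a body equal to the secret with an unrelated body of equal size.

    The matching body collapses into one back-reference, so the record is
    shorter even though both plaintexts have the same length.
    """
    assert len(SECRET) == len(UNRELATED)
    return compressed_len(SECRET), compressed_len(UNRELATED)


def double_compression() -> tuple:
    """Compress a text stream once (as `tar cz` does) and then again
    (as SSH compression would on the same stream)."""
    rng = random.Random(2019)  # fixed seed keeps the sample reproducible
    raw = " ".join(rng.choice(WORDS) for _ in range(20000)).encode()
    once = zlib.compress(raw, 6)
    twice = zlib.compress(once, 6)
    return len(raw), len(once), len(twice)


if __name__ == "__main__":
    same, other = length_leak()
    print(f"record with matching body: {same} bytes, unrelated body: {other} bytes")
    raw, once, twice = double_compression()
    print(f"raw {raw}, compressed once {once}, compressed twice {twice}")
```

On the client, `ssh -G <host>` prints the effective `compression` value for a destination, and `Compression no` in `ssh_config` or `-o Compression=no` on the command line turns it off for a connection.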