Can we disable SSH compression by default?
Damien Miller
djm at mindrot.org
Mon Feb 18 09:20:48 AEDT 2019
On Sat, 16 Feb 2019, Yegor Ievlev wrote:
> Compressing data before encryption may be dangerous, for example
> CRIME, BREACH and VORACLE. Can compression be disabled by default in
> OpenSSH, only being enabled if user requests it?
I'm going to suggest that you read the manual pages to learn
the available options and their defaults before troubling a >1000
person mailing list. We put quite a bit of effort into the manual
pages and it makes us sad when people don't read them.
-d
More information about the openssh-unix-dev
mailing list