enabling "none" cipher
Philip Hands
phil at hands.com
Tue Dec 23 11:26:35 AEDT 2025
Nacho via openssh-unix-dev <openssh-unix-dev at mindrot.org> writes:
...
> Of course, I agree with that reasoning, but this is for a special use case where
> several slow embedded systems are connected to a server through a local wired
> switch, sometimes they must transfer big amounts of data and it slows down the
> whole application because of the cipher.
The issue with using None was (and presumably still is -- I doubt
anyone's been working to fix this) that the secret keys are potentially
exposed by the fact that traffic that is assumed in the protocol to be
encrypted is in fact being sent in the clear.
Might I suggest rsync (with rsyncd), or c-kermit (with telnetd), or
possibly even uucp? or any network filesystem you fancy?
That way people will understand that there's no encryption involved, and
thus won't get nasty surprises later, and if you find something that
works for you using pre-built packages, you won't need to carry the
patch.
Cheers, Phil.
--
Philip Hands -- https://hands.com/~phil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20251223/0d061f25/attachment.asc>
More information about the openssh-unix-dev
mailing list