[EXT] Re: enabling "none" cipher

Tue Jan 13 08:07:54 AEDT 2026

Isn't “none” cipher still authenticated, for both login and traffic? Don’t some organization care for authenticity, though not (that much) for confidentiality?

--
V/R,
Uri

From: openssh-unix-dev <openssh-unix-dev-bounces+uri=ll.mit.edu at mindrot.org> on behalf of Loganaden Velvindron <loganaden at gmail.com>
Date: Monday, January 12, 2026 at 13:49
To: Darren Tucker <dtucker at dtucker.net>
Cc: Nacho <naqiao at naqiao.hk>, openssh-unix-dev at mindrot.org <openssh-unix-dev at mindrot.org>
Subject: [EXT] Re: enabling "none" cipher

!-------------------------------------------------------------------|
This Message Is From an External Sender
This message came from outside the Laboratory.
|-------------------------------------------------------------------!

On Fri, 19 Dec 2025 at 12:03, Darren Tucker <dtucker at dtucker.net> wrote:
>
> On Fri, 19 Dec 2025 at 18:17, Nacho via openssh-unix-dev <
> openssh-unix-dev at mindrot.org> wrote:
>
> > [...]
> > Is it possible that there is no native support for "none" cipher in
> > OpenSSH and
> > this is just implemented by third party patches?
> >
>
> Stock OpenSSH does not support the "none" cipher. It's counter to the
> project's goals of "putting an end to unencrypted logins" and "keeping your
> communiques secret", and it's also the kind of thing that has been used for
> protocol downgrade attacks in the past.
>
They might as well go back to telnet and ftp ?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev <https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 8236 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20260112/54014861/attachment-0001.bin>