enabling "none" cipher
Jochen Bern
Jochen.Bern at binect.de
Wed Jan 14 17:32:42 AEDT 2026
On 13/01/2026 21:05, Chris Rapier wrote:
> On 1/12/26 13:45, Loganaden Velvindron wrote:
>> They might as well go back to telnet and ftp ?
>
> The way the none cipher is enabled in the patches prevents it from being
> used for authentication. It switches to the none cipher post auth (when
> the private key would normally be used). You still get encrypted
> authentication but the data transfer is en clear.
So, *still* comparable to telnet/ftp, if you use e.g. PAM to add a round
of challenge-response auth to the logins ... :-3
Kind regards,
--
Jochen Bern
Systemingenieur
Binect GmbH
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4336 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20260114/06203c22/attachment.p7s>
More information about the openssh-unix-dev
mailing list