enabling "none" cipher
hvjunk
hvjunk at gmail.com
Wed Jan 14 17:57:08 AEDT 2026
> On 14 Jan 2026, at 08:32, Jochen Bern <Jochen.Bern at binect.de> wrote:
>>
> So, *still* comparable to telnet/ftp, if you use e.g. PAM to add a round of challenge-response auth to the logins ... :-3
Hope fully you aren’t using Debian or Ubuntu or any other RPM based distro like Alma/rocky and god forbid FreeBSD with it’s tar files for your servers/services…. as they are all distributing their software via ftp/telnet/http equivalent services…. just using a pam type challenge-response to authenticate the packages’ authenticity at the endpoints are what the sender intended to send…
There are pedantic (CO2 heavy), and then there are pragmatic (CO2 lean) methods.
As when you are moving data is “expected” to be open knowledge, the need for wasting resources/energy (ie. being CO2 wasting…) to do encryption, does not gel. To have the end points authenticate, and the data checksummed/hashed/signed, would be more than enough security to make sure the data have not been tampered with in transit… the bigger problem with the traffic I see I need to move using the none cipher to now waste time and energy (ie. CO2 to put it in green energy terms)
> Kind regards,
> --
> Jochen Bern
> Systemingenieur
> Binect GmbH
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list