[Bug 877] ssh 3.8.1p1 client cannot disable encryption with "-c none"

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jun 8 07:24:09 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=877





------- Additional Comments From markus at openbsd.org  2004-06-08 07:24 -------
How can the user tell that the traffic is still IPsec protected?
IPsec is per packet, and after flushing SAs the connection
might be unprotected.  How can SSH tell?

Please show me how much faster none is. here's a patch:

folly% cat dontuse.dif 
Index: cipher.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/cipher.c,v
retrieving revision 1.66
diff -u -r1.66 cipher.c
--- cipher.c    10 Nov 2003 16:23:41 -0000      1.66
+++ cipher.c    19 Nov 2003 18:01:04 -0000
@@ -60,11 +60,12 @@
        u_int   key_len;
        const EVP_CIPHER        *(*evptype)(void);
 } ciphers[] = {
-       { "none",               SSH_CIPHER_NONE, 8, 0, EVP_enc_null },
+       { "none1",              SSH_CIPHER_NONE, 8, 0, EVP_enc_null },
        { "des",                SSH_CIPHER_DES, 8, 8, EVP_des_cbc },
        { "3des",               SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des },
        { "blowfish",           SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf },
 
+       { "none",               SSH_CIPHER_SSH2, 8, 0, EVP_enc_null },
        { "3des-cbc",           SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc },
        { "blowfish-cbc",       SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc },
        { "cast128-cbc",        SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc },
Index: mac.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/mac.c,v
retrieving revision 1.6
diff -u -r1.6 mac.c
--- mac.c       18 Sep 2003 13:02:21 -0000      1.6
+++ mac.c       19 Nov 2003 18:01:04 -0000
@@ -45,6 +45,7 @@
        { "hmac-md5-96",                EVP_md5, 96 },
        { "hmac-ripemd160",             EVP_ripemd160, 0 },
        { "hmac-ripemd160 at openssh.com", EVP_ripemd160, 0 },
+       { "none",                       EVP_md_null, 0 },
        { NULL,                         NULL, 0 }
 };
 
folly%



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list