patch adding none cipher/mac for ssh v2
Darren Tucker
dtucker at zip.com.au
Thu Nov 11 18:43:51 EST 2004
J Raynor wrote:
> Below is a patch that adds the ability to have a none cipher and mac for
> protocol version 2. [..]
>
> The actual name of the cipher is 'none2', to distinguish it from the
> 'none' cipher available for ssh v1. The name of the mac is hmac-none.
Leaving aside whether or not this is a good idea (which has been done to
death here and elsewhere many times before, check the archives) if
you're going to do this then you ought to either stick with the specs[1]
and call them "none" or make them local extensions[2], eg
"none2 at your.domain.com".
[1] http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-19.txt
(section 6.3 & 6.4)
[2] http://www.ietf.org/internet-drafts/draft-ietf-secsh-architecture-17.txt
(section 4.2 and 6)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list