Re: ssh None cipher

From: Benjamin Kaduk <kaduk_at_MIT.EDU>
Date: Fri, 17 Oct 2014 22:43:39 -0400 (EDT)
On Fri, 17 Oct 2014, Ben Woods wrote:

> Whilst trying to replicate data from my FreeNAS to my FreeBSD home theater
> PC on my local LAN, I came across this bug preventing use of the None
> cipher:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=163127
>
> I think I could enable the None cipher by recompiling base with a flag in
> /etc/src.conf.

I agree.

> Is there any harm in enabling this by default, but having the None cipher
> remain disabled in /etc/ssh/sshd_config? That way people wouldn't have it
> on my default, but wouldn't have to recompile to enable it.

I do not see any immediate and concrete harm that doing so would cause,
yet that is insufficient for me to think that doing so would be a good
idea.

-Ben
Received on Sat Oct 18 2014 - 00:43:51 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:53 UTC