Daniel Kalchev wrote this message on Wed, Nov 11, 2015 at 17:49 +0200: > It is my understanding, that using the NONE cypher is not identical to using ???the old tools??? (rsh/rlogin/rcp). > > When ssh uses the NONE cypher, credentials and authorization are still encrypted and verified. Only the actual data payload is not encrypted. Except the point is that you ALREADY trust your network, so you don't need to encrypt the credentials and authorizations, otherwise, why are you running unencrypted payloads? In fact, if you aren't running at least a MAC, or a final verify, and you're transfering large amounts of data (multiple gigabytes), the data can and will likely be corrupted... See: http://noahdavids.org/self_published/CRC_and_checksum.html Having not used the NONE cipher, I don't know if the MAC is also removed or not... Either way, the MAC is still the long poll when it comes to encryption w/ AES-NI... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."Received on Wed Nov 11 2015 - 18:22:25 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:00 UTC