Hi, Please forgive my ignorance but what's the reason FreeBSD ships OpenSSH patched with HPN by default? Besides my passion for security, I've been working in the HPC sector for a while and benchmarked the patch for a customer about 1.5 years ago. The CTR-multi threading patch is actually *slower* than upstream OpenSSH with AES in CTR mode. GCM being, of course, the fastest mode on AESNI plattforms. The NULL mode is a security concern as some have noted, I can only imagine that the window-scaling patch is of such importance? Thanks, Aaron
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:01 UTC