Daniel Kalchev wrote this message on Wed, Nov 11, 2015 at 17:49 +0200: > It is my understanding, that using the NONE cypher is not identical to using > ???the old tools??? (rsh/rlogin/rcp). > > When ssh uses the NONE cypher, credentials and authorization are still > encrypted and verified. Only the actual data payload is not encrypted.
Except the point is that you ALREADY trust your network, so you don't need to encrypt the credentials and authorizations, otherwise, why are you running unencrypted payloads? In fact, if you aren't running at least a MAC, or a final verify, and you're transfering large amounts of data (multiple gigabytes), the data can and will likely be corrupted... See: http://noahdavids.org/self_published/CRC_and_checksum.html Having not used the NONE cipher, I don't know if the MAC is also removed or not... Either way, the MAC is still the long poll when it comes to encryption w/ AES-NI... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." _______________________________________________ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"