Hi, Please forgive my ignorance but what's the reason FreeBSD ships OpenSSH patched with HPN by default? Besides my passion for security, I've been working in the HPC sector for a while and benchmarked the patch for a customer about 1.5 years ago. The CTR-multi threading patch is actually *slower* than upstream OpenSSH with AES in CTR mode. GCM being, of course, the fastest mode on AESNI plattforms.
The NULL mode is a security concern as some have noted, I can only imagine that the window-scaling patch is of such importance? Thanks, Aaron
signature.asc
Description: Digital signature
