On Thu, May 26, 2022 at 12:34:49AM +, David Holland wrote:
> On Tue, May 24, 2022 at 06:57:23AM -, Michael van Elst wrote:
> > Also consider that people believe their data is safe in the current
> > virtualized world, just because someone calls "encryption".
> > Gung znxrf lbhe
On Tue, May 24, 2022 at 06:57:23AM -, Michael van Elst wrote:
> >(1) having an unencrypted option at all is one of the ways spooks like
> >to weaken cryptosystems; it creates ways to force/cause people to use
> >it when they didn't mean to.
>
> People have to be very clear in making that
On Mon, May 23, 2022 at 05:30:36PM -0700, John Nemeth wrote:
> On May 3, 13:00, Greg Troxel wrote:
> } mlel...@serpens.de (Michael van Elst) writes:
> }
> } > Part of the HPN patches is to optionally strip encryption (and now even
> } > integrity checks) for the data transfer. Doesn't fit into
dholland-t...@netbsd.org (David Holland) writes:
>(1) having an unencrypted option at all is one of the ways spooks like
>to weaken cryptosystems; it creates ways to force/cause people to use
>it when they didn't mean to.
People have to be very clear in making that choice and they actually
use
jnem...@cue.bc.ca (John Nemeth) writes:
> I would say it is something that should be available as an
>option (likely a command line option). ssh/scp has pretty much
>completely replaced rsh/rcp (other than for people that go out of
>their way to use those); however, there are many things
On Mon, May 23, 2022 at 05:30:36PM -0700, John Nemeth wrote:
> } I would say that doesn't really fit with what we want either, certainly
> } without somebody really trying. It breaks the rule that using ssh can
> } count on confidentiality and integrity and makes systems with ssh as a
> }
On May 3, 13:00, Greg Troxel wrote:
} mlel...@serpens.de (Michael van Elst) writes:
}
} > Part of the HPN patches is to optionally strip encryption (and now even
} > integrity checks) for the data transfer. Doesn't fit into what
} > the OpenSSH people want, not even as an option.
}
} I would say
g...@lexort.com (Greg Troxel) writes:
>I would say that doesn't really fit with what we want either, certainly
>without somebody really trying. It breaks the rule that using ssh can
>count on confidentiality and integrity and makes systems with ssh as a
>component harder to reason about.
mlel...@serpens.de (Michael van Elst) writes:
> Part of the HPN patches is to optionally strip encryption (and now even
> integrity checks) for the data transfer. Doesn't fit into what
> the OpenSSH people want, not even as an option.
I would say that doesn't really fit with what we want
g...@lexort.com (Greg Troxel) writes:
>I view HPN as not the standard approach; it hasn't been merged upstream
>and PSC's agenda does not even seem to include merging any of it
>upstream -- which I see as a huge clue.
Looks more like upstream was never interested and PSC gave up.
Part of the
nia writes:
> I've heard some reports that the HPN-SSH patches to sshd are
> not quite working as well as expected, with some users getting
> mildly worse results. They're apparently supposed to improve
> performance:
>
> https://www.psc.edu/hpn-ssh-home/
>
> With "HPNDisabled" in sshd_config
11 matches
Mail list logo