[ On Thursday, February 1, 2001 at 11:45:57 (+0100), Andreas Schott wrote: ]
> Subject: Re: Can SSH be used just for encrypted authentication and then let the rest
>of the session be unencrypted ?
>
> This is a very useful thing for backup/recovery, where we e.g.
> use the rsh-protocol and would like to switch to ssh, but it
> is impossible to encrypt/decrypt gigabytes of data.
You are far Far FAR safer to just use 'rsh' than to try disabling the
encryption in 'ssh' under some misguided attempt to gain better
performance.
'ssh' without data link encryption is, for all intents and purposes,
exactly the same as 'rsh' (though perhaps with the addition of other
more complex authentication algorithms that you'd find difficult to use
in an automated script environment anyway!). Properly configured, with
regular auditing, and with properly configured and reliable local
authoritative DNS servers for all domains concerned, especially for the
reverse zones, 'rsh' is probably *more* secure than 'ssh' would be
without data transport encryption because if you mess with 'ssh' you
may risk reducing it's ability to protect other more sensitive
connections.
Even if you did have secure methods for using stronger authentication in
an un-encrypted 'ssh' bastardisation you still wouldn't be any better
off than 'rsh' because it couldn't tell you anything that 'rsh' can't
tell you in the first place (unless of course you've broken 'rsh' by
allowing unprivileged user processes to bind to reserved ports or
something equally silly).
> Furthermore
> it is on an internal network, so snooping data is never the
> problem, but as long as rsh is an allowed protocol, you need
> to rely on other methods to avoid usage of rsh for other
> things, than just the backup/restore. So it is a very useful
> thing to encrypt only the authentication.
Encrypting only the authentication leaves your connections *wide* open
to hijacking, *especially* within an internal network! In this case
'rsh' is no less secure and the rsh authetication is based on
out-of-band information (which hopefully comes from an authoriative
nameserver running on both the server and client, and of course from
secure user-id databases on each).
Do not even contemplate removing the data link encryption from 'ssh'.
Use existing, proven, non-encrypted protocols instead, such as 'rsh'.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
