For what it's worth, despite claims I've heard to the contrary, this is not something that has been intentionally disabled versus upstream by the Debian/Ubuntu packaging, it's not a configure option, and it's not a trivial one-line change. At minimum, I'd want to disable password authentication when using the none cipher (there's at least one patch out there that hacks in "none" by abusing constants that are there for SSH1, and that doesn't attempt to do this), and it would be absolutely necessary to confirm that downgrade attacks such as http://www.security-express.com/archives/bugtraq/1999-q4/0318.html aren't possible.

The best approach I've seen so far to this is that done by http://www.psc.edu/networking/projects/hpn-ssh/ (http://www.psc.edu/networking/projects/hpn-ssh/none.php describes their approach), since that rekeys to the none cipher after authentication and disables it if a tty is requested. That said, having looked at that patch, I'm not happy integrating the HPN bits unless and until they go upstream. I may consider the NoneEnabled/NoneSwitch parts of it, although they'll need a very careful code review.

-- 
[rfe] sshd ought to support 'none' cipher
https://launchpad.net/bugs/54180
