Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> On Wednesday, 11 November 2015, Bryan Drewery <bdrewery at freebsd.org> wrote:
>
> > On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > > My vote is to remove the HPN patches. First, the NONE cipher made more
> > > sense back when we didn't have AES-NI widely available, and you were
> > > seriously limited by its performance. Now we have both aes-gcm and
> > > chacha-poly, whose performance should be more than acceptable for
> > > today's uses (i.e. cipher performance is 2GB/sec+).
> >
> > AES-NI doesn't help the absurdity of double-encrypting when using scp or
> > rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> > for me.
>
> I have to agree that there are cases when the NONE cipher makes sense, and
> it is up to the end user to make sure they know what they are doing.
>
> Personally I have used it at home to back up my old FreeBSD server (which
> does not have AESNI) over a dedicated network connection to a backup server
> using rsync/ssh. Since it was not possible for anyone else to be on that
> local network, and the server was so old it didn't have AESNI and would
> soon be retired, using the NONE cipher sped up the transfer significantly.

If you have a trusted network, why not just use nc?

-- 
John-Mark Gurney    Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
On Wednesday, 11 November 2015, John-Mark Gurney <jmg at funkthat.com> wrote:
> Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> > I have to agree that there are cases when the NONE cipher makes sense, and
> > it is up to the end user to make sure they know what they are doing.
> >
> > Personally I have used it at home to back up my old FreeBSD server (which
> > does not have AESNI) over a dedicated network connection to a backup server
> > using rsync/ssh. Since it was not possible for anyone else to be on that
> > local network, and the server was so old it didn't have AESNI and would
> > soon be retired, using the NONE cipher sped up the transfer significantly.
>
> If you have a trusted network, why not just use nc?

Honest answer: ignorance of how I can use netcat together with rsync.

-- 
From: Benjamin Woods
woodsb02 at gmail.com
On Tue, Nov 10, 2015 at 11:59 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
>
> <snip>
>
> If you have a trusted network, why not just use nc?

Defense in depth for starters. The ipfw how-to guide I learned from years ago started with the statement that a firewall should be a shield in front of machines that don't need the shield. Security is hard, and you will get it wrong (everyone does); accidentally exposing an encrypted stream is much less of a mistake than exposing a plain text stream.

> --
> John-Mark Gurney    Voice: +1 415 225 5579
> "All that I will do, has been done, All that I have, has not."
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
On Wed, Nov 11, 2015 at 6:59 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
> If you have a trusted network, why not just use nc?

Perhaps more generally relevant is that ssh/scp are *waves hands* vaguely analogous to secure versions of rsh/rlogin/rcp. I'd think that most cases of "I wanted to send files and invoke some commands on a remote machine, and due to $CIRCUMSTANCE I don't need or desire encryption" are covered by the older, also standard tools. Additionally, rsync can use rsh as its transport, for users who desire more advanced behaviour.

ssh just seems to have more support: installation will ask you if you'd like to run sshd (not rshd), ssh is rather ubiquitous as a way of "doing a thing remotely" (even in Windows soon!), etc. This is a good default to have; the overhead of security is tiny in nearly all cases.

It would seem then that the extra complexity of maintenance and development in supporting NONE in base doesn't really grant us any additional functionality in most cases. It's just more 'obvious'.
On Tue, Nov 10, 2015 at 11:59:30PM -0800, John-Mark Gurney wrote:
> Ben Woods wrote this message on Wed, Nov 11, 2015 at 15:40 +0800:
> > On Wednesday, 11 November 2015, Bryan Drewery <bdrewery at freebsd.org> wrote:
> >
> > > On 11/10/15 9:52 AM, John-Mark Gurney wrote:
> > > > My vote is to remove the HPN patches. First, the NONE cipher made more
> > > > sense back when we didn't have AES-NI widely available, and you were
> > > > seriously limited by its performance. Now we have both aes-gcm and
> > > > chacha-poly, whose performance should be more than acceptable for
> > > > today's uses (i.e. cipher performance is 2GB/sec+).
> > >
> > > AES-NI doesn't help the absurdity of double-encrypting when using scp or
> > > rsync/ssh over an encrypted VPN, which is where NONE makes sense to use
> > > for me.
> >
> > I have to agree that there are cases when the NONE cipher makes sense, and
> > it is up to the end user to make sure they know what they are doing.
> >
> > Personally I have used it at home to back up my old FreeBSD server (which
> > does not have AESNI) over a dedicated network connection to a backup server
> > using rsync/ssh. Since it was not possible for anyone else to be on that
> > local network, and the server was so old it didn't have AESNI and would
> > soon be retired, using the NONE cipher sped up the transfer significantly.
>
> If you have a trusted network, why not just use nc?

I think you are kidding:

- scp needs only one command on the initiator side and no additional setup on the target. Simple, well known.
- nc needs additional work on the target, needs synchronization of file names with the target, also needs ssh to the target to start it, etc...

Too complex.
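The thread leaves it to the end user to know whether the NONE cipher is switched on. As an added example that is not part of the thread or of FreeBSD's own tooling, the check below parses an sshd_config and flags the HPN data-channel-disable setting and any non-AEAD ciphers still offered; the `NoneEnabled` keyword name is assumed to be the one the HPN patch set uses, and both config texts are constructed samples.

```python
import re

# Constructed sample configs (not from the thread). The "NoneEnabled"
# keyword is assumed to be the HPN patch set's name for the NONE cipher.
SAMPLE_SSHD_CONFIG = """\
# HPN extension: allows the session data channel to run unencrypted
NoneEnabled yes
Ciphers = aes128-ctr,aes128-gcm@openssh.com,chacha20-poly1305@openssh.com
PasswordAuthentication no
"""

HARDENED_SSHD_CONFIG = """\
NoneEnabled no
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
"""

# OpenSSH's AEAD ciphers (authenticated encryption; no separate MAC needed).
AEAD_CIPHERS = {"aes128-gcm@openssh.com", "aes256-gcm@openssh.com",
                "chacha20-poly1305@openssh.com"}


def parse_sshd_config(text):
    """Return (keyword, value) pairs; keywords are case-insensitive and may
    be separated from values by whitespace or '=' as sshd_config allows."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        value = parts[1].strip() if len(parts) > 1 else ""
        entries.append((parts[0].lower(), value))
    return entries


def audit_none_cipher(text):
    """List findings a defender would act on: NONE enabled, weak ciphers."""
    findings = []
    for keyword, value in parse_sshd_config(text):
        if keyword == "noneenabled" and value.lower() == "yes":
            findings.append("NoneEnabled yes: data channel may run unencrypted")
        elif keyword == "ciphers":
            offered = [c.strip() for c in value.split(",") if c.strip()]
            weak = [c for c in offered if c not in AEAD_CIPHERS]
            if weak:
                findings.append("non-AEAD ciphers offered: " + ", ".join(weak))
    return findings


if __name__ == "__main__":
    for name, cfg in (("sample", SAMPLE_SSHD_CONFIG), ("hardened", HARDENED_SSHD_CONFIG)):
        print(name, audit_none_cipher(cfg) or ["no findings"])
```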