bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-10 23:46 UTC
[Bug 1430] New: Restore support for "none" cipher, i.e., unencrypted connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1430 Summary: Restore support for "none" cipher, i.e., unencrypted connections Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: jik at kamens.brookline.ma.us Support for the "none" cipher, i.e., for unencrypted SSH connections, should be restored. I tested the data transfer speed when using SSH with the arcfour cipher between two servers on a gigabit LAN with 2.4GHz CPUs. The transfer speed turns out to be around 30MB/s. 30MB/s is fine when you're transferring over most WAN connections or when you're transferring across a 1Mbit network or even a 10Mbit network. In these scenarios, the SSH transfer speed is still faster than the network speed, so SSH introduces no delay in the transmission of the data. However, gigabit copper is becoming ubiquitous, and even fiber to the desktop isn't so uncommon anymore. Every computer at my company has a gigabit NIC plugged into a gigabit switch. In a gigabit environment, an encrypted SSH transfer using 2.4GHz CPUs, which are hardly slow or obsolete, is 70% slower than an unecrypted transfer would take. When I'm transferring a big chunk of data across my corporate LAN, I don't need for the data to be encrypted. All I need is a way to initiate the connection securely. SSH can provide that, but it sucks big time that after the connection is initiated, I have to sit around twiddling my thumbs waiting for a transfer that could be going more than three times as fast if it weren't for the unnecessary encryption. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-19 18:49 UTC
[Bug 1430] Restore support for "none" cipher, i.e., unencrypted connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1430 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX CC| |djm at mindrot.org --- Comment #1 from Damien Miller <djm at mindrot.org> 2008-01-20 05:49:09 --- Sorry, but we will not support null cipher or MAC in OpenSSH. This has been discussed at length on the mailing list. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Apr-03 23:02 UTC
[Bug 1430] Restore support for "none" cipher, i.e., unencrypted connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1430 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> 2008-04-04 10:02:16 --- Close resolved bugs after release. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.