openssh bugs - Jan 2008 - [Bug 1430] New: Restore support for "none" cipher, i.e., unencrypted connections

https://bugzilla.mindrot.org/show_bug.cgi?id=1430

           Summary: Restore support for "none" cipher, i.e.,
unencrypted
                    connections
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 4.7p1
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Miscellaneous
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: jik at kamens.brookline.ma.us


Support for the "none" cipher, i.e., for unencrypted SSH connections,
should be restored.

I tested the data transfer speed when using SSH with the arcfour cipher
between two servers on a gigabit LAN with 2.4GHz CPUs.  The transfer
speed turns out to be around 30MB/s.

30MB/s is fine when you're transferring over most WAN connections or
when you're transferring across a 1Mbit network or even a 10Mbit
network.  In these scenarios, the SSH transfer speed is still faster
than the network speed, so SSH introduces no delay in the transmission
of the data.

However, gigabit copper is becoming ubiquitous, and even fiber to the
desktop isn't so uncommon anymore.  Every computer at my company has a
gigabit NIC plugged into a gigabit switch.  In a gigabit environment,
an encrypted SSH transfer using 2.4GHz CPUs, which are hardly slow or
obsolete, is 70% slower than an unecrypted transfer would take.

When I'm transferring a big chunk of data across my corporate LAN, I
don't need for the data to be encrypted.  All I need is a way to
initiate the connection securely.  SSH can provide that, but it sucks
big time that after the connection is initiated, I have to sit around
twiddling my thumbs waiting for a transfer that could be going more
than three times as fast if it weren't for the unnecessary encryption.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1430


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX
                 CC|                            |djm at mindrot.org




--- Comment #1 from Damien Miller <djm at mindrot.org>  2008-01-20
05:49:09 ---
Sorry, but we will not support null cipher or MAC in OpenSSH. This has
been discussed at length on the mailing list.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1430


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added                       
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED                      




--- Comment #2 from Damien Miller <djm at mindrot.org>  2008-04-04
10:02:16 ---
Close resolved bugs after release.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.