Hello all,
I tried to connect to the server that supports protocol 1:
# ssh -1 -o "cipher none" remotehost
<No valid SSH1 cipher, using 3des instead>
As per the code in sshconnect1.c, it has to alert the user about
"none" cipher usage.
try_challenge_response_authentication() {
....
if (options.cipher == SSH_CIPHER_NONE)
logit("WARNING: Encryption is disabled! "
"Response will be transmitted in clear
text.");
}
try_password_authentication() {
...
if (options.cipher == SSH_CIPHER_NONE)
logit("WARNING: Encryption is disabled! Password will be
transmitted in clear text.");
}
But "none" cipher is skipped during "invalid" cipher testing
and the actual cipher for the connection is set to default cipher type.If it is
the case, I would like to know how to alert the user about the "none"
cipher usage. If such warnings are not required why or for what purpose does the
code check the "none" cipher usage during password and challenge
response authentication ?
regards
Ponraj M
On Fri, 5 Jan 2007, ponraj wrote:> Hello all, > > > I tried to connect to the server that supports protocol 1: > > # ssh -1 -o "cipher none" remotehost > <No valid SSH1 cipher, using 3des instead>openssh does not support the "none" cipher. Any traces of it in the code are legacy and/or paranoia. There are 3rd party patches that add support for the "none" cipher. We do not recommend their use, and obviously don't support them. This has been discussed ad nauseum on this mailing list - please have a look at the archives. -d