Displaying 20 results from an estimated 10000 matches similar to: "[Bug 1430] New: Restore support for "none" cipher, i.e., unencrypted connections"
2001 Aug 02
0
patch: properly zeroing fd_set in clientloop
Hello all,
This is a problem and patch reported to Red Hat Bugzilla by
Jonathan Kamens <jik at kamens.brookline.ma.us>. I'm just acting as a relay
:-)
jik has experienced some weird crashes relating to window size changes or
some similar activity. These are rather hard to trace.
Problem was fixed by patching clientloop, where fd_set structures appear
to be improperly zeroed (bytes vs
2010 Dec 26
4
DO NOT REPLY [Bug 7889] New: Add "--backup-deleted"
https://bugzilla.samba.org/show_bug.cgi?id=7889
Summary: Add "--backup-deleted"
Product: rsync
Version: 3.0.7
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P3
Component: core
AssignedTo: wayned at samba.org
ReportedBy: jik at kamens.brookline.ma.us
2003 Jun 02
3
[jik@kamens.brookline.ma.us: MSS clamping doesn''t work with masquerading through VPN?]
I sent the message below to this list over a week ago, and I haven''t
seen any response.
If this is not the correct forum for my question, can anyone suggest a
better person or place to which I should direct it?
Thank you,
Jonathan Kamens
------- Start of forwarded message -------
From: Jonathan Kamens <jik@kamens.brookline.ma.us>
To: lartc@mailman.ds9a.nl
Subject: [LARTC] MSS
2018 May 23
1
Cipher=none seems to be not working
Hi,
i try to etablish unencrypted onnection and have in my config:
Cipher=aes
But this causes the following error:
2018-05-23 12:08:27 tinc.backbone[14746]: tincd 1.0.31 starting, debug level 5
2018-05-23 12:08:27 tinc.backbone[14746]: Got fatal signal 11 (Segmentation fault)
2018-05-23 12:08:27 tinc.backbone[14746]: Trying to re-execute in 5 seconds...
I have no idea what i'm doing
2000 Oct 13
2
Cipher 'none'
By making a one-line change it is possible to enable the cipher 'none'
in openssh. But you still have to ask for it explicitly, either by
adding it to /etc/ssh/ssh_config or by giving the '-c none' option to
ssh.
I think that this 'feature' should be turned back on, because for slow
machines or large file transfers, using encryption slows things down a
lot. This means
2016 Jan 25
2
Disable Client Certificate Authentication for Unencrypted Connections?
I?m using dovecot to provide encrypted IMAP e-mail support for remote clients and it?s working great. However, I also need to set up a webmail front-end (Roundcube), which I?m hoping to have use unencrypted IMAP on port 143 (as only port 993 is available externally).
The problem I?m running into is that I want to require client certificate authentication on port 993, but dovecot is apparently
2007 Jan 05
1
No warning message is displayed for "none" cipher
Hello all,
I tried to connect to the server that supports protocol 1:
# ssh -1 -o "cipher none" remotehost
<No valid SSH1 cipher, using 3des instead>
As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage.
try_challenge_response_authentication() {
....
if (options.cipher == SSH_CIPHER_NONE)
2011 Aug 07
1
"Cipher = none" doesn't seem to be working properly
I have a simple pair of nodes set up, connected wirelessly, with tincd
1.0.16 running in switch mode. Setting Cipher and Digest to "none",
and Compression to 0, the bridge is still CPU-bound, with most of
tincd's CPU time spent in libcrypto. I narrowed it down to this line
in net_setup.c:
myself->connection->outcipher = EVP_bf_ofb();
It looks as though all outgoing data is
2001 Jun 08
0
SSH / X11 auth: needless complexity -> security problems?
On Wed, 6 Jun 2001, Markus Friedl posted the following to Bugtraq:
> this feature [placing the X11 cookie file in /tmp] was inherited
> from ossh and the reason was:
> 1) if $HOME is on NFS, then the cookie travels unencrypted
> over the network, this defeats the purpose of X11-fwding
> 2) $HOME/.Xauthority gets polluted with temorary cookies.
> however,
2007 Nov 24
1
enable none cipher
Hello,
Does anybody know how cam I enable the usage of the 'none' cipher in
OpenSSH 4.7
yours,
Mihai
2007 Sep 26
1
Inconsistent none cipher behavior
Using stock OpenSSH 4.7 I found different behavior when trying to
specify the use of the 'none' cipher depending on the command line
option nomenclature. This is under linux 2.6.19-web100
using -ocipher=none
[root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S
/home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb
rapier at localhost:/dev/null
rapier at
2016 Jan 29
2
Disable Client Certificate Authentication for Unencrypted Connections?
> On 27 Jan 2016, at 21:55, Axel Luttgens <axel.luttgens at skynet.be> wrote:
>
> Hello Haravikk,
>
> Perhaps could you try to devise an exception based on one (or more) "remote" section(s), as in:
>
> remote ip.of.webmail.server {
> ssl_verify_client_cert = no
> [other settings, if needed]
> }
>
> But I guess you would need to combine
2001 Jul 03
1
turning on none cipher for v1 and v2 server
Hi all,
Is there a straightforward way to enable the none cipher for v1 and v2 in the
server?
Please include my email address in your reply, as I'm not subscribed to this
list.
Thanks!
Mordy
--
Mordy Ovits
Network Engineer
Bloomberg L.P.
2008 Jan 02
0
enable none cipher
Hi,
I was looking at the thread on the 'null' cipher and was wondering if
you have done anything one it, if you need any help (or just
encouragement ;)).
I'm a radio experimenter (radio ham) and currently I'm using ssh
illegally over the air, as I'm not legally allowed to encrypt
sessions over the Radio Link. Being able to have strong
authentication with no
2009 Feb 26
1
OpenSSH with 'none' cipher (after reading bug #877)
Hi,
I'd like to argue in favor of bug #877 (
https://bugzilla.mindrot.org/show_bug.cgi?id=877) from a new perspective.
Instead of performance, I wish to raise the issue of regulatory compliance
and auditing.
I read all of #877 and I understand the arguments for and against, but I
felt at the end the decisive comment by Damien was mostly based on 'We don't
want users to use
2004 Nov 11
2
patch adding none cipher/mac for ssh v2
Below is a patch that adds the ability to have a none cipher and mac for
protocol version 2. By default, sshd will not allow these to be used;
an admin will have to explicitly allow them in the Ciphers and MACs
section of sshd_config. Additionally, the client will not use these
unless explicitly instructed to by the user.
The actual name of the cipher is 'none2', to distinguish it
2016 Feb 02
2
Disable Client Certificate Authentication for Unencrypted Connections?
On 02 Feb 2016, at 13:09, Haravikk <dovecot at haravikk.me> wrote:
>
> So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services.
>
> Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the
2000 Jan 14
2
The cipher 'none' in OpenSSH
Hallo to everyone!
First I would like to thank everybody for making a free implementation
of ssh available.
I am administrating the network at the computer science department of
the University of Munich. Here, rcp (as in many other places, I guess)
is banned for security reasons. I, aswell as others, use scp regulary
to copy files from one machine to another.
The problem is, that the transfer
2001 Mar 17
4
"cipher none" alternatives ?
We are trying to upgrade from SSH1 to OpenSSH/SSH2.
I see that configuration support for "cipher NONE" was removed in OpenSSH.
Is there an alternative for this ?
We need to move big files (>100Mb) between machines on the Internet. In
the past we had used NFS or ftp but want to block those services at one or
both ends. Moving them with SSH 1 scp takes quite a bit of CPU effort for
2011 Oct 09
2
Timeline for rsync 3.1 release?
Greetings,
I submitted a patch for a new feature for rsync through bugzilla last
December.
Wayne said he was leaning toward including the new feature I proposed in
rsync 3.1.
Nearly ten months later, there is still no rsync 3.1. :-)
Is there any information available about the timeline of upcoming releases?
Thanks,
Jonathan Kamens
-------------- next part --------------
An HTML attachment