similar to: [Bug 1430] New: Restore support for "none" cipher, i.e., unencrypted connections

Hello all, This is a problem and patch reported to Red Hat Bugzilla by Jonathan Kamens <jik at kamens.brookline.ma.us>. I'm just acting as a relay :-) jik has experienced some weird crashes relating to window size changes or some similar activity. These are rather hard to trace. Problem was fixed by patching clientloop, where fd_set structures appear to be improperly zeroed (bytes vs

https://bugzilla.samba.org/show_bug.cgi?id=7889 Summary: Add "--backup-deleted" Product: rsync Version: 3.0.7 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P3 Component: core AssignedTo: wayned at samba.org ReportedBy: jik at kamens.brookline.ma.us

I sent the message below to this list over a week ago, and I haven''t seen any response. If this is not the correct forum for my question, can anyone suggest a better person or place to which I should direct it? Thank you, Jonathan Kamens ------- Start of forwarded message ------- From: Jonathan Kamens <jik@kamens.brookline.ma.us> To: lartc@mailman.ds9a.nl Subject: [LARTC] MSS

Hi, i try to etablish unencrypted onnection and have in my config: Cipher=aes But this causes the following error: 2018-05-23 12:08:27 tinc.backbone[14746]: tincd 1.0.31 starting, debug level 5 2018-05-23 12:08:27 tinc.backbone[14746]: Got fatal signal 11 (Segmentation fault) 2018-05-23 12:08:27 tinc.backbone[14746]: Trying to re-execute in 5 seconds... I have no idea what i'm doing

By making a one-line change it is possible to enable the cipher 'none' in openssh. But you still have to ask for it explicitly, either by adding it to /etc/ssh/ssh_config or by giving the '-c none' option to ssh. I think that this 'feature' should be turned back on, because for slow machines or large file transfers, using encryption slows things down a lot. This means

I?m using dovecot to provide encrypted IMAP e-mail support for remote clients and it?s working great. However, I also need to set up a webmail front-end (Roundcube), which I?m hoping to have use unencrypted IMAP on port 143 (as only port 993 is available externally). The problem I?m running into is that I want to require client certificate authentication on port 993, but dovecot is apparently

Hello all, I tried to connect to the server that supports protocol 1: # ssh -1 -o "cipher none" remotehost <No valid SSH1 cipher, using 3des instead> As per the code in sshconnect1.c, it has to alert the user about "none" cipher usage. try_challenge_response_authentication() { .... if (options.cipher == SSH_CIPHER_NONE)

I have a simple pair of nodes set up, connected wirelessly, with tincd 1.0.16 running in switch mode. Setting Cipher and Digest to "none", and Compression to 0, the bridge is still CPU-bound, with most of tincd's CPU time spent in libcrypto. I narrowed it down to this line in net_setup.c: myself->connection->outcipher = EVP_bf_ofb(); It looks as though all outgoing data is

On Wed, 6 Jun 2001, Markus Friedl posted the following to Bugtraq: > this feature [placing the X11 cookie file in /tmp] was inherited > from ossh and the reason was: > 1) if $HOME is on NFS, then the cookie travels unencrypted > over the network, this defeats the purpose of X11-fwding > 2) $HOME/.Xauthority gets polluted with temorary cookies. > however,

Hello, Does anybody know how cam I enable the usage of the 'none' cipher in OpenSSH 4.7 yours, Mihai

Using stock OpenSSH 4.7 I found different behavior when trying to specify the use of the 'none' cipher depending on the command line option nomenclature. This is under linux 2.6.19-web100 using -ocipher=none [root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S /home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb rapier at localhost:/dev/null rapier at

> On 27 Jan 2016, at 21:55, Axel Luttgens <axel.luttgens at skynet.be> wrote: > > Hello Haravikk, > > Perhaps could you try to devise an exception based on one (or more) "remote" section(s), as in: > > remote ip.of.webmail.server { > ssl_verify_client_cert = no > [other settings, if needed] > } > > But I guess you would need to combine

Hi all, Is there a straightforward way to enable the none cipher for v1 and v2 in the server? Please include my email address in your reply, as I'm not subscribed to this list. Thanks! Mordy -- Mordy Ovits Network Engineer Bloomberg L.P.

Hi, I was looking at the thread on the 'null' cipher and was wondering if you have done anything one it, if you need any help (or just encouragement ;)). I'm a radio experimenter (radio ham) and currently I'm using ssh illegally over the air, as I'm not legally allowed to encrypt sessions over the Radio Link. Being able to have strong authentication with no

Hi, I'd like to argue in favor of bug #877 ( https://bugzilla.mindrot.org/show_bug.cgi?id=877) from a new perspective. Instead of performance, I wish to raise the issue of regulatory compliance and auditing. I read all of #877 and I understand the arguments for and against, but I felt at the end the decisive comment by Damien was mostly based on 'We don't want users to use

Below is a patch that adds the ability to have a none cipher and mac for protocol version 2. By default, sshd will not allow these to be used; an admin will have to explicitly allow them in the Ciphers and MACs section of sshd_config. Additionally, the client will not use these unless explicitly instructed to by the user. The actual name of the cipher is 'none2', to distinguish it

On 02 Feb 2016, at 13:09, Haravikk <dovecot at haravikk.me> wrote: > > So I still haven?t found a way to require client certificates only for port 993/IMAPS while leaving unencrypted IMAP open for local, trusted, services. > > Is there really no way to do this? I just found out how to do the same thing for postfix (turns out it?s fairly easy, just a matter of adding the

Hallo to everyone! First I would like to thank everybody for making a free implementation of ssh available. I am administrating the network at the computer science department of the University of Munich. Here, rcp (as in many other places, I guess) is banned for security reasons. I, aswell as others, use scp regulary to copy files from one machine to another. The problem is, that the transfer

We are trying to upgrade from SSH1 to OpenSSH/SSH2. I see that configuration support for "cipher NONE" was removed in OpenSSH. Is there an alternative for this ? We need to move big files (>100Mb) between machines on the Internet. In the past we had used NFS or ftp but want to block those services at one or both ends. Moving them with SSH 1 scp takes quite a bit of CPU effort for

Greetings, I submitted a patch for a new feature for rsync through bugzilla last December. Wayne said he was leaning toward including the new feature I proposed in rsync 3.1. Nearly ten months later, there is still no rsync 3.1. :-) Is there any information available about the timeline of upcoming releases? Thanks, Jonathan Kamens -------------- next part -------------- An HTML attachment