Subject: Re: [netbsd-users] Re: netbsd sshd - really nobody knows?
To: None <netbsd-users@netbsd.org>
From: David Bronder <david-bronder@uiowa.edu>
List: netbsd-users
Date: 08/01/2001 11:51:28
Wojciech Puchar wrote:
> 
> i use it only with RSA logging and on local network.
> 
> i don't need ciphering slowdown when copying with scp files between
> computers in my home.

If you review the archives from the openssh-dev mailing list over the
last few months, you'll find this issue was discussed.

    http://marc.theaimsgroup.com/?l=openssh-unix-dev&r=1&w=2

There were two issues.  With SSHv1, you don't want 'none' as the
cipher because it depends on the encryption for verifiying the
integrity of the data.  (SSHv2 separates the integrity verifier from
the cipher.)  See the tail end of the thread with the subject of
'turning on none cipher for v1 and v2 server'.

For performance, the '"cipher none" alternatives' thread in the list
archives is one of a couple threads that discuss this.  Several people
actually did some testing, and typically they found there was no
significant performance difference between using arcfour or blowfish
and no cipher.  If you really want to speed things up, it looked like
NFS or FTP would be your thing.

=Dave

-- 
Hello World.                                    David Bronder - Systems Admin
Segmentation Fault                                     ITS-SPA, Univ. of Iowa
Core dumped, disk trashed, quota filled, soda warm.   david-bronder@uiowa.edu