On Mon, Nov 21, 2005 at 01:54:20PM -0500, William Duke wrote:
> I meant the extra "security" mile.  I have no need for the extra security
> since I'm on a closed network with virtually no chance of outside intrusion.

Ah... well, I think it's better to think of security as the baseline,
rather than a nice extra option that you only turn on when you feel
it's needed. So the question goes back to: Why use the insecure method
when the secure method costs nothing extra? But as you point out, the
secure method does have a cost...

> I suppose there's the performance argument.  Cleartext is processed much
> quicker and requires fewer processor resources.  

I agree that encryption uses more CPU, but is this a problem in
practice? I run sshd on a 25MHz 68040, and have run it on a 25MHz
80386... On the '040, it takes about 30 seconds to get logged in, but
after that, it's more than fast enough for me. My 60 wpm or so typing
(usually much less than that when typing shell commands) and the few
hundred bytes of response from those commands don't seem to be
particularly taxing to the CPU :)