touch-packages team mailing list archive

[Alex Lee <alee@xxxxxxxxxxxx>]

Hello Folks,

I hate to beat an already "terribly beaten horse" but I'd like to say
that I would like the null cipher option to be available. The reason
being is that working for a WAN optimization company, the need to "see"
the unencrypted traffic is paramount in order to reduce SSH's network
footprint. In terms of security, most WAN optimization vendors do
provide a "secured transport" (IPSEC or SSL-based tunnels)  across the
WAN to prevent passwords and app-data from being snooped.

Trust me, I do understand the desire to prevent SSH users from shooting
themselves and their company's in the foot, however, having a null
cipher option does have value - in the WAN opt case, its a business
/network-cost-savings value.

Alex

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/54180

Title:
  [rfe] sshd ought to support 'none' cipher

Status in debian-installer:
  Invalid
Status in openssh package in Ubuntu:
  Confirmed
Status in openssh package in Debian:
  Won't Fix

Bug description:
  Binary package hint: ssh

  Please enable the 'none' cipher on sshd.

  This will prevent people from having to recompile their sshd to enable
  it.

  The none cipher is only used if the client explicitly requests it.
  Furthermore, the admin has the option of disabling it entirely via the
  'Ciphers' parameter of the /etc/ssh/sshd_config file.  The shipped
  sshd_config file could even disable it as per default.

  With the ability to have this option configurable via a config file it
  seems a bit heavy-fisted to disable it at compile-time.

To manage notifications about this bug go to:
https://bugs.launchpad.net/debian-installer/+bug/54180/+subscriptions