Van de Ven: Deprecating old crypto

Posted Mar 25, 2015 6:34 UTC (Wed) by epa (subscriber, #39769)
In reply to: Van de Ven: Deprecating old crypto by imgx64
Parent article: Van de Ven: Deprecating old crypto

I remember patching OpenSSH to add support for 'none' encryption. This was for running it on a 16Mhz 386SX where encryption ran slowly and I only wanted to talk over a LAN of two computers. ssh is higher quality code than rsh or telnet in many ways, so I wanted to keep using it, but have an option to talk unencrypted.

Conceivably a similar setup could be used for virtual machines to talk to other VMs on the same supervisor, where the virtual network interface has no risk of eavesdropping or MITM (unless deliberately configured to do so by the machine's owner). You might not want to do it on Microsoft Azure, but for your own compute farm it could be handy.

Van de Ven: Deprecating old crypto

Posted Mar 25, 2015 7:24 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

Also 'nones' are quite useful for debugging, so you can actually see what's happening inside your application.

Van de Ven: Deprecating old crypto

Posted Mar 25, 2015 13:56 UTC (Wed) by arjan (subscriber, #36785) [Link]

"none" encryption certainly has its uses... as long as it for 400% sure it's never in any automated downgrade negotiation path and can only be used by explicit command line (or I suppose config file) configuration.