Bug#13389: [patch] support -c none
personally i believe it's my own choice whether to enable -c none or not.
with this patch, and the default /etc/ssh/sshd_config, none is disabled.
however if you place an appropriate Ciphers entry into sshd_config then
the none method is enabled.
for example:
Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr,none
-dean
diff -ru openssh-3.8.1p1/cipher.c openssh-3.8.1p1.dg1/cipher.c
--- openssh-3.8.1p1/cipher.c 2004-02-06 17:29:39.000000000 -0800
+++ openssh-3.8.1p1.dg1/cipher.c 2004-10-18 00:48:21.000000000 -0700
@@ -175,7 +175,7 @@
for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
(p = strsep(&cp, CIPHER_SEP))) {
c = cipher_by_name(p);
- if (c == NULL || c->number != SSH_CIPHER_SSH2) {
+ if (c == NULL || (c->number != SSH_CIPHER_SSH2 && c->number != SSH_CIPHER_NONE)) {
debug("bad cipher %s [%s]", p, names);
xfree(ciphers);
return 0;
@@ -343,6 +343,7 @@
int evplen;
switch (c->number) {
+ case SSH_CIPHER_NONE:
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:
@@ -377,6 +378,7 @@
int evplen = 0;
switch (c->number) {
+ case SSH_CIPHER_NONE:
case SSH_CIPHER_SSH2:
case SSH_CIPHER_DES:
case SSH_CIPHER_BLOWFISH:
Reply to: