Subject: Re: FreSSH
To: NetBSD-current Discussion List <current-users@netbsd.org>
From: Sean Finney <seanius@seanius.net>
List: current-users
Date: 03/09/2002 21:49:02
On Sat, Mar 09, 2002 at 07:00:22PM -0500, Charles Shannon Hendrix wrote:
> On Sat, Mar 09, 2002 at 11:58:46PM +0100, Emiel Kollof wrote:
> > * Charles Shannon Hendrix (shannon@widomaker.com) wrote:
> > > 
> > > I don't care if my vi edits and the guts of my tar files are visible
> > > on the net.
> > 
> > Excuse me, but what about the mail you open with mutt, or your pgp 
> > passphrase then? If only the passwd is encrypted, all those other things
> > are cleartext. Sorry, not good enough.
> 
> 
> You are excused.
> 
> Use encryption for the data in those cases you cite.

an idea--

if *not* having encryption is such a big deal, why not just add a new
cypher protocol 'cleartext', which still provides mac authentication and
password encryption, without wasting the unwanted cycles on encryption?
Then again, I'm running my box on a P90 w12MB RAM, and it doesn't seem
to get in the way of life too much to have it all encrypted. But anyway
I imagine that it wouldn't be too difficult--just take some other cypher
and take out the code the encrypts stuff.  Then again, I'm more or less
speaking ex rectum, as it were...

> In cases like that, you only need your login information encrypted,
> the rest simply doesn't matter.

yeah, but if it were to be used for ssh logins as opposed to file
transfers, I could see the average user forgetting which terminals were
'real' ssh and which ones were cleartext when ssh'ing to another machine.

--sean