Subject: Re: sshd config?
To: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
From: John Hawkinson <jhawk@MIT.EDU>
List: tech-userlevel
Date: 11/28/2003 18:55:30
Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de> wrote on
Sat, 29 Nov 2003 at 00:54:47 +0100 in
<Pine.GSO.4.53.0311290053580.6140@rfhpc8317>:
> On Thu, 27 Nov 2003, der Mouse wrote:
> > I may be crazy, but I'm not totally nonsentient.)
>
> I wanted "no encryption etc." before too, to get scp up to speed (knowing
> the security implications of course)
My [possibly flawed] understanding is that using 'none' causes
authentication to be insecure, not just encryption. So not only might
it compromise the current transaction, it could compromise future
transactions.
--jhawk