Bug 1430

Summary: Restore support for "none" cipher, i.e., unencrypted connections
Product: Portable OpenSSH Reporter: Jonathan Kamens <jik>
Component: MiscellaneousAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: normal CC: djm
Priority: P2    
Version: 4.7p1   
Hardware: Other   
OS: Other   

Description Jonathan Kamens 2008-01-11 10:46:09 AEDT
Support for the "none" cipher, i.e., for unencrypted SSH connections, should be restored.

I tested the data transfer speed when using SSH with the arcfour cipher between two servers on a gigabit LAN with 2.4GHz CPUs.  The transfer speed turns out to be around 30MB/s.

30MB/s is fine when you're transferring over most WAN connections or when you're transferring across a 1Mbit network or even a 10Mbit network.  In these scenarios, the SSH transfer speed is still faster than the network speed, so SSH introduces no delay in the transmission of the data.

However, gigabit copper is becoming ubiquitous, and even fiber to the desktop isn't so uncommon anymore.  Every computer at my company has a gigabit NIC plugged into a gigabit switch.  In a gigabit environment, an encrypted SSH transfer using 2.4GHz CPUs, which are hardly slow or obsolete, is 70% slower than an unecrypted transfer would take.

When I'm transferring a big chunk of data across my corporate LAN, I don't need for the data to be encrypted.  All I need is a way to initiate the connection securely.  SSH can provide that, but it sucks big time that after the connection is initiated, I have to sit around twiddling my thumbs waiting for a transfer that could be going more than three times as fast if it weren't for the unnecessary encryption.
Comment 1 Damien Miller 2008-01-20 05:49:09 AEDT
Sorry, but we will not support null cipher or MAC in OpenSSH. This has been discussed at length on the mailing list.
Comment 2 Damien Miller 2008-04-04 10:02:16 AEDT
Close resolved bugs after release.