[ale] unencrypted SSH

Mike Murphy mike at tyderia.net
Mon Aug 16 23:14:16 EDT 2004


Modern SSH's generally don't let you turn ecryption off entirely. It may 
be something you can do with OpenSSH at compile time though. Blowfish 
has a reputation for being the fastest of the commonly supported 
compression protocols, but your mileage may vary.

What you can do that will save some processor time is turn off 
compression (put CompressionLevel 0, I believe, in you client's ssh 
config).

Mike


Geoffrey wrote:
> David Corbin wrote:
> 
>> Access to my corporate network is via VPN, that I can easily get to 
>> work with Windows (since that's they way IT supports).  I've setup an 
>> old laptop to run Windows at home, and I have it run (cygwin) ssh port 
>> forwarding so that I can access my office system(s) from the rest of 
>> my home LAN (which is substantially Linux, of course).  Now that I've 
>> finally made some progress in replacing my office desktop with Linux, 
>> I'm sshing to a my local windows system to execute apps on the office 
>> system.
>>
>> What this means, I think, is that my poor little "VPN relay" is having 
>> to burn a lot of CPU encrypting and un-encrypting stuff without 
>> cause.  One cycle of that is for a local LAN connection where I have 
>> complete physical security (my home), and the other is encrypting the 
>> port forwarding that's going over a VPN and thus already encrypted once.
>>
>> So, is there a way to invoke SSH that will NOT do encryption of the 
>> basic data stream?
> 
> 
> Hmmm, I don't know, but you could use the blowfish cypher, it's a bit 
> faster.  Not as secure, but generally considered secure enough.
> 


-- 

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Mike Murphy
781 Inman Mews Drive Atlanta GA 30307
Landline: 404-653-1070
Mobile: 404-545-6234
Email: mike at tyderia.net
Email Pager: pagemike at tyderia.net
AIM: mmichael453
ICBM: 33:45:14.0584N  84:21:43.038W
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



More information about the Ale mailing list