Subject: Re: switching cipher to none after authentification when data needs no encryption

Re: switching cipher to none after authentification when data needs no encryption

From: Michel Valin <>
Date: Fri, 20 Aug 2010 14:50:34 -0400

i'll try to look into the client side of the code with the HPN mod and
see how the client requests it from the NoneEnabled/NoneSwitch sshd daemon.

might take me a while as i am not familiar at all with the mechanics of
ssh/ssl (an why i found libssh2 way simpler to use than the other
libraries in the first place)

Peter Stuge wrote:
> Hi again.
> Sorry, I misunderstood a little.
> Michel Valin wrote:
>> As i understand it, the "none" cipher turns encryption off from the
>> get go.
> Well, yes. It's a cipher algorithm which results in no encryption.
>> The question remains, how to switch from strong cipher at
>> authentication time to no cipher for data transfer.
> Yeah. You want to switch cipher in an established session, before
> opening any channels. libssh2 has no API for this, but go ahead and
> suggest something. If it's clean and you send a patch then I don't
> see why it wouldn't be included.
> //Peter
> _______________________________________________
> libssh2-devel

Michel Valin
Responsable, Soutien CHP | Head, HPC support
CHP & Opérations des TI nationales
HPC & National IT Operations
Direction du dirigeant principal de l'information
Chief Information Officer Branch
Environnement Canada | Environment Canada
2121, N. Trans canada, Dorval, QC, CANADA  H9P 1J3
Téléphone   | Telephone 514-421-4753
Télécopieur | Facsimile 514-421-4703
Gouvernement du Canada | Government of Canada
Entre deux mots, il faut choisir le moindre.
Always choose the shortest of two words.
Paul Valéry
Received on 2010-08-20