From owner-freebsd-security Tue Aug 21 14: 7:15 2001 Delivered-To: freebsd-security@freebsd.org Received: from falcon.mail.pas.earthlink.net (falcon.mail.pas.earthlink.net [207.217.120.74]) by hub.freebsd.org (Postfix) with ESMTP id 77F3837B401 for ; Tue, 21 Aug 2001 14:07:11 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from blossom.cjclark.org (dialup-209.245.130.30.Dial1.SanJose1.Level3.net [209.245.130.30]) by falcon.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id OAA09359; Tue, 21 Aug 2001 14:05:49 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.4/8.11.3) id f7LL2po72486; Tue, 21 Aug 2001 14:02:51 -0700 (PDT) (envelope-from cjc) Date: Tue, 21 Aug 2001 14:02:30 -0700 From: "Crist J. Clark" To: Rob Simmons Cc: Matt Piechota , Wes Peters , "Carroll, D. (Danny)" , freebsd-security@FreeBSD.ORG Subject: Re: Silly crackers... NT is for kids... Message-ID: <20010821140230.X313@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20010821143517.L23909-100000@cithaeron.argolis.org> <20010821150657.G21383-100000@mail.wlcg.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010821150657.G21383-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Tue, Aug 21, 2001 at 03:14:36PM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 21, 2001 at 03:14:36PM -0400, Rob Simmons wrote: > On Tue, 21 Aug 2001, Matt Piechota wrote: > > > No No, on the realtime machine controllers (QNX), or OCR nodes that need > > all the cpu cycles they can get. I'm talking about the [de|en]crypt on > > the remote side, not the PC side. Every bit or performance matters, and > > could be the difference between us and someone else getting a contract. > > There should be a way to configure sshd so that only the username/password > exchange is encrypted. The rest of the connection would be unencrypted. > You would get some of the benefits of ssh without a constant performance > hit. Use one-time passwords with telnet. But I have yet to find a situation where the "constant performance hit" of SSH is noticable. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message