From owner-freebsd-current@FreeBSD.ORG  Fri Oct 17 23:24:40 2014
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 1B9FC710
 for <freebsd-current@freebsd.org>; Fri, 17 Oct 2014 23:24:40 +0000 (UTC)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com
 [IPv6:2a00:1450:400c:c05::229])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id AD637CF2
 for <freebsd-current@freebsd.org>; Fri, 17 Oct 2014 23:24:39 +0000 (UTC)
Received: by mail-wi0-f169.google.com with SMTP id h11so5201176wiw.0
 for <freebsd-current@freebsd.org>; Fri, 17 Oct 2014 16:24:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=8Ge9mdNID6RnySi0y8MIiK4A3+zdMY3S3TegLSzthNk=;
 b=THWG49bUDCHmyGOQbWvmWGtqtwLXkiXYzYeFHWSQfbMJJl3v5qDr+stmEyCkipKIve
 Nuj9LBmsryaPOG+wzB3elmMqT1NqgYR48Wk+fVyAyhJmCrA7bEUd+6T97qHJzxNEi15+
 9F+iFfgQpyKUSkB+7WpoSp/B5o4kL2+B9jwFrNeYzBD9S/FqZQMZ/bIfJlfLnc3X8uZY
 g0MeQx+fF4JvgcchGc0I4k0tQiUgtLTjMnJFJdP+L1DjeUf7USY7TxF8G8NCNmagpmbA
 TkEpBXS4qR51cJN8432sgDy1Sd2GHHnVTIVwU1MEHiuD5HYuIXMYlBxHYYW2WFcz1xfG
 KZ3A==
MIME-Version: 1.0
X-Received: by 10.180.21.163 with SMTP id w3mr2154711wie.66.1413586768344;
 Fri, 17 Oct 2014 15:59:28 -0700 (PDT)
Received: by 10.194.190.78 with HTTP; Fri, 17 Oct 2014 15:59:28 -0700 (PDT)
Date: Sat, 18 Oct 2014 06:59:28 +0800
Message-ID: <CAOc73CCvQqwg65tt9vs54CoU1HGvV7ZxLWeQwXiSOm8UjtV50w@mail.gmail.com>
Subject: ssh None cipher
From: Ben Woods <woodsb02@gmail.com>
To: freebsd-current@freebsd.org
X-Mailman-Approved-At: Sat, 18 Oct 2014 02:01:25 +0000
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Oct 2014 23:24:40 -0000

Whilst trying to replicate data from my FreeNAS to my FreeBSD home theater
PC on my local LAN, I came across this bug preventing use of the None
cipher:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=163127

I think I could enable the None cipher by recompiling base with a flag in
/etc/src.conf.

Is there any harm in enabling this by default, but having the None cipher
remain disabled in /etc/ssh/sshd_config? That way people wouldn't have it
on my default, but wouldn't have to recompile to enable it.

Thoughts?


-- 

--
From: Benjamin Woods
woodsb02@gmail.com