r228152: anyone got the None cipher working with base OpenSSH?
Freddie Cash
fjwcash at gmail.com
Fri Dec 2 23:43:00 UTC 2011
On Fri, Dec 2, 2011 at 3:39 PM, Jeremy Chadwick <freebsd at jdc.parodius.com>wrote:
> You also need to read README.hpn to understand fully how to get None
> cipher to work from the server AND client side, *AND* what the limits
> and caveats are. There are changes you need to make to
> /etc/ssh/sshd_config, and there are *multiple* -o switches you will need
> to use with the client (e.g. ssh -oCipher=none -oNoneEnabled=yes
> -oNoneSwitch=yes). If the WARNING message that is output to stderr
> bothers you, use -T.
>
Yeah, I've gone over all that. We've been using the HPN patches and None
cipher via openssh-portable from ports for a couple years now. Noticed the
HPN patches were added to the base OpenSSH, though, and thought I could use
that instead of the ports version, and ran into the "no None cipher" issue.
Thanks to the gentle prodding of Bjoern, I see that I missed the mention of
CFLAGS in the commit message, which is why it wasn't working for me. :)
I'm going to go with over-excitement due to too much coffee for this one.
:)
I'm testing out the make.conf snippet you posted now.
--
Freddie Cash
fjwcash at gmail.com
More information about the freebsd-stable
mailing list