• OpenSSH 7.7 :: Is Null (or No) Ciphers available?

    From Alex L.@21:1/5 to All on Tue Jul 10 18:12:39 2018
    Hi Folks,

    I know this particular topic was talked about a few times in the past (~2004 or so) and I did want to bring this up again. First, I understand the security implications of having the option of a NULL (or no) cipher and how there are other cipher suites
    amenable to lower (end device) resource consumption however, my ask is coming at this question in a different way.

    The context of my ask is around rsync (utilizing SSH of course) and the fact we transfer boat loads of data across the WAN to our remote sites. SSH has been a long-standing and trusted application with our Security team and for good reason. Now, the
    scope of the security teams' concern is mainly clear-text data traversing over the WAN and lesser around clear-text transfers occuring behind our DMZ's and secondary/tertiary IPS/IDS systems. That being said, given that my task is to ensure our data
    transfers complete, in a timely fashion, while minimizing costs (of course), I had thought about this whole NULL (or no) cipher notion. Our network team has WAN optimization devices that can encrypt the clear-text rsync/ssh sessions and this WAN
    optimization device is trusted by our Security team and so I figured I could try and rebuild OpenSSH 7.7 to support NULL (or no) encryption on data packets that this would be a win-win for me.

    The question to the greater audience is if whom rebuilt OpenSSH 7 (or something recent) and if they could explain that process to me.

    Thank you in advance and take care!

    Alex

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)