Re: can compression be safely used with SSH?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> Killing the connection if the client suggests the wrong option is
> quite hostile to the user. I don't think we'd want that.
>
> It's theoretically possible to force a rekeying after authentication
> with new options, but this is slow: several client/server round-trips
> plus the potentially very slow key exchange crypto. IMO it's too slow
> and confusing to be worth implementing.

Would it be difficult to implement? I guess it's the only clean way
then to restrict compression to certain users (if killing the
connection isn't an option).
And the slowness would probably not really matter, since it's only
necessary to work like that, when being used in a Match section, which
most people will never do.

Shall I open a wishlist ticket about that?

Thanks,
Philippe
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux