SSH without encryption?
David Deutsch
encryption? The reason I would like this is that I am currently forwarding
ports from machine B to machine A, where A is the client and B is the
server. The thing is, some features of port forwarding can supposedly work
differently with this "reverse" forwarding. So, I would like to have
machine A use SSH to connect to machine B, and set up forward one port from
B to A. Machine B would then use that port to connect to machine A via SSH
without encryption, and set up all the "normal" port forwarding it would
need. The reason I do not want to use encryption the second time is that it
would slow things down, and the session is already encrypted.
Thanks,
Dave
Darren Tucker
David Deutsch <spt...@71broadway.info> wrote:
>Is there any way to get the port-forwarding abilities of SSH without the
>encryption?
Depends on the software. The SSH2 spec has a "none" cipher but it's
listed as "NOT RECOMMENDED" and some implementations (eg OpenSSH)
don't support it.
[...]
>The reason I do not want to use encryption the second time is that it
>would slow things down, and the session is already encrypted.
Have you actually *measured* a difference? A fast cipher like arcfour
is almost as fast as no encryption, and the bottleneck is usually the
MAC anyway.
If you're using OpenSSH and *can* measure a difference then you may want
to take a look at the high-performance patches at:
http://www.psc.edu/networking/projects/hpn-ssh/
Note: unless you have a network with a large BDP (bandwidth-delay product,
aka a "long, fat pipe") then the patch will probably make little if any
difference.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.