Its possible that the client wants to use the non-repudiation
features for users and hosts from ssh but not encrypt the actual
session. Many large organizations prohibit encrypted traffic on their
internal network because they want to be able to sniff network traffic
on their internal network as part of their security auditing
methodology. Host based key authentication/verification is a good way to
ensure nobody inserts malicious hosts on the network that masquerade as
a trusted host.

Chris


-----Original Message-----
From: Andrew Haninger [mailto:ahaning@gmail.com]=20
Sent: Wednesday, June 15, 2005 9:34 AM
To: Alvaro Colunga
Cc: AUGERT Jean Philippe (EURIWARE); secureshell@securityfocus.com
Subject: Re: SSH with no crypt


On 6/14/05, Alvaro Colunga wrote:
> i think ssh without encryption would be telnet, you can use telnet if
> you need a terminal without that feature

I think the original poster was requesting information on the
possibility of initializing a SSH2 connection without encryption as
was possible with an older version of SSH1.

It sounds like it will be difficult to find such a feature in a recent
version as it would seem so pointless.

Maybe a better description of the situation would make it easier for
people to give help.

-Andy