Hi Chris,

That's exactely this situation : my organization want to sniff every =
network
traffic but i use ssh for many years, so a lot of scripts are based on =
this
protocol.

That's why i'would like to continue using SSH ....

Jean-Philippe AUGERT
Cellule Intranet et Reporting & Cellule Hebergement Web
EURIWARE - CSA - CHAMBERY - TECHNOLAC

-----Message d'origine-----
De=A0: Price, Christopher [mailto:Christopher.Price@encana.com]=20
Envoy=E9=A0: mercredi 15 juin 2005 22:30
=C0=A0: Andrew Haninger; Alvaro Colunga
Cc=A0: AUGERT Jean Philippe (EURIWARE); secureshell@securityfocus.com
Objet=A0: RE: SSH with no crypt


Its possible that the client wants to use the non-repudiation
features for users and hosts from ssh but not encrypt the actual
session. Many large organizations prohibit encrypted traffic on their
internal network because they want to be able to sniff network traffic
on their internal network as part of their security auditing
methodology. Host based key authentication/verification is a good way =
to
ensure nobody inserts malicious hosts on the network that masquerade as
a trusted host.

Chris


-----Original Message-----
From: Andrew Haninger [mailto:ahaning@gmail.com]=20
Sent: Wednesday, June 15, 2005 9:34 AM
To: Alvaro Colunga
Cc: AUGERT Jean Philippe (EURIWARE); secureshell@securityfocus.com
Subject: Re: SSH with no crypt


On 6/14/05, Alvaro Colunga wrote:
> i think ssh without encryption would be telnet, you can use telnet if
> you need a terminal without that feature

I think the original poster was requesting information on the
possibility of initializing a SSH2 connection without encryption as
was possible with an older version of SSH1.

It sounds like it will be difficult to find such a feature in a recent
version as it would seem so pointless.

Maybe a better description of the situation would make it easier for
people to give help.

-Andy


ATTENTION Le message contenu dans cet email ainsi que dans tout fichier
attach=E9 est destin=E9 exclusivement aux personnes dont le nom figure
ci-dessus. Il peut contenir des informations confidentielles ou =
prot=E9g=E9es
par le secret professionnel et dont la divulgation est strictement =
prohib=E9e.
Si vous avez re=E7u cet email par erreur,d=E9truisez-en le contenu. =
Vous n'=EAtes
pas autoris=E9, dans cette hypoth=E8se, =E0 copier, distribuer ou =
conserver ce
message. Merci.
WARNING This information in this mail and in any attachments is =
intended for
the above-mentioned addressees only. It may contain privileged or
confidential informationthe review, dissemination or disclosure of =
which is
strictly prohibited. If you have received this email by error, please
destroy it. In this case, you are not authorisedto disclose, copy,
distribute, or retain this message or any part of it. Thank you.