EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSH support for "zlib@openssh.com" compression

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#6300
Posted: 05/17/2008 19:24:49
by Charles DeWeese (Standard support level)
Joined: 04/17/2008
Posts: 52

OpenSSH 4.2 introduces a variety of ZLIB compression called "zlib@openssh.com" which delays starting compression until after the server has sent SSH_MSG_USERAUTH_ACCEPT. It's configured to use this by default (or with the "Compression delayed" option), but ordinary "zlib" compression can be reinstated with "Compression yes".

The new method is specified in draft-miller-secsh-compression-delayed, currently -00. http://tools.ietf.org/html/draft-miller-secsh-compression-delayed

Since this is now the default configuration for OpenSSH it effectively limits the ability of using compression unless the server is re-configured.
#6301
Posted: 05/18/2008 02:13:24
by Eugene Mayevski (EldoS Corp.)

Thank you for your report.

It's a pity that custom non-standard format becomes the default one. That's a stupid breaking change. However, until it gets at least one more revision, it makes no sense to start implementing it. The reason is that some authors feel free to make breaking changes between drafts (we saw this with DomainKeys/DKIM), so hitting the running target becomes a hard job.

Other athors drop the drafts not leading them to release version (some SSH drafts like the one for X.509 auth. were dropped).

Once -02 is released, we will implement this feature.


Sincerely yours
Eugene Mayevski

Reply

Statistics

Topic viewed 1767 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!