EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSH support for "zlib@openssh.com" compression

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
Posted: 05/17/2008 19:24:49
by Charles DeWeese (Standard support level)
Joined: 04/17/2008
Posts: 52

OpenSSH 4.2 introduces a variety of ZLIB compression called "zlib@openssh.com" which delays starting compression until after the server has sent SSH_MSG_USERAUTH_ACCEPT. It's configured to use this by default (or with the "Compression delayed" option), but ordinary "zlib" compression can be reinstated with "Compression yes".

The new method is specified in draft-miller-secsh-compression-delayed, currently -00. http://tools.ietf.org/html/draft-miller-secsh-compression-delayed

Since this is now the default configuration for OpenSSH it effectively limits the ability of using compression unless the server is re-configured.
Posted: 05/18/2008 02:13:24
by Eugene Mayevski (EldoS Corp.)

Thank you for your report.

It's a pity that custom non-standard format becomes the default one. That's a stupid breaking change. However, until it gets at least one more revision, it makes no sense to start implementing it. The reason is that some authors feel free to make breaking changes between drafts (we saw this with DomainKeys/DKIM), so hitting the running target becomes a hard job.

Other athors drop the drafts not leading them to release version (some SSH drafts like the one for X.509 auth. were dropped).

Once -02 is released, we will implement this feature.

Sincerely yours
Eugene Mayevski



Topic viewed 1732 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!