[Last Call] Learn how to a build a cloud-first strategyRegister Now


Arcfour256 safety in SSH

Posted on 2011-10-26
Medium Priority
Last Modified: 2013-11-16
I read several contrasting analysis on the alleged safety of the Arcfour256 cipher. I'd like to use it in SSH because it's the fastest cipher, but is it actually so easy to break?

Question by:jiiins2
  • 3
  • 2
LVL 63

Expert Comment

ID: 37040389
Why is fast so important to you ?

I would stick with the standards rather than doing with one that even has a slim chance of being broken.

Also I would test to see if you can notice any difference in speed.

I hope this helps !

Author Comment

ID: 37042840
Thanks. Fast is important because I need to tunnel a lot of web traffic... Any ideas on my question?
LVL 22

Accepted Solution

Brian Utterback earned 2000 total points
ID: 37214200
No, it is not very easy to crack. Most of the problems that have existed with ARCFOUR256 have to do with *how* it is used, not due to its inherent weakness. That said, there are attacks and you should avoid it for new applications. How worried are you about someone attacking your session? Government/NSA worried? Or Casual/Script Kiddie worried?
Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.


Author Comment

ID: 37214442
I'd say casual worried... Is there anything particular I should or shouldn't do when using it with ssh to make tunnels?
LVL 22

Assisted Solution

by:Brian Utterback
Brian Utterback earned 2000 total points
ID: 37214730
You should be okay. If you are tunneling, I would try to re-create the tunnels periodically. The longer it exists, the longer an attacker has to figure out the key.

Author Closing Comment

ID: 37217217

Featured Post

How to change the world, one degree at a time.

By embracing technology, we can solve even the biggest problems—including the gender gap.  By earning a degree from WGU, you have an opportunity to gain the knowledge, credentials, and experience it takes to thrive in today’s high-growth IT industry.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question