How to use hpn-ssh with SSHFS ?

[SR-G]

Hello,

So after quite time being spent on this, i think i've finally came to the point where i have :

• an ARM debian with HPN-SSH 0.79p1 acting as a server (with locally patched & recompiled binaries + proper configuration in /etc/ssh/sshd_config)
• a x86 archlinux acting as a client, with HPN-SSH 0.85p1 (installed from AUR, and with proper configuration in /etc/ssh/ssh_config)

I think that a regular SSH or SCP connection is working without encryption, as when i'm using ssh <username>@<debian_server> i get in the console :

NoneSwitch is found in /etc/ssh/ssh_config.
You may only use this configuration option from the command line
Continuing...

And, sadly, now i'm stuck : i've spent many hours configuring the server side (and to be honest, this is far away from being easy / self-explanatory, by the way, but this is another topic) in order to be able to activate the "no encryption" mode while using it through SSHFS ... just to discover that it's only available when using ssh or scp command on the command line.

Is there any workaround ?

Also (but i suppose this is 100% expected) i'm never able to use the -c none configuration (on CLI) or Ciphers: none (in configuration), whereas i can get the following result by activating on client side a not-activated-on-server-side encryption cipher :

ssh root@<debian_server> -c aes128-cbc   // valid cipher but NOT activated on server side
NoneSwitch is found in /etc/ssh/ssh_config.
You may only use this configuration option from the command line
Continuing...
Unable to negotiate with <debian_server> port 22: no matching cipher found. Their offer: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,none

• Note the "none" at the end of the list !
• However this is not shown anywhere else (neither on server side, nor on client side), for example when doing a ssh -Q cipher i get :

ssh -Q cipher

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

My SSHFS configuration looks like, for example, with systemd :

[Unit]
Description=Mount remote fs with sshfs for helios 64

[Install]
WantedBy=multi-user.target

[Mount]
What=root@<debian_server>:/mnt/internal/raid/media/
Where=/mnt/network/helios64/test
Type=fuse.sshfs
Options=_netdev,allow_other,IdentityFile=/root/.ssh/id_rsa,reconnect,default_permissions,ServerAliveInterval=30,ServerAliveCountMax=5,x-systemd.automount,uid=0,gid=0,Compression=no,cache=yes,kernel_cache
TimeoutSec=60

Of course here i'm not allowed to enter in any way Cipher=none (this is not accepting) or NoneSwitch ... (this is probably forbidden by SSHFS).

I also tried something around ssh_command="ssh NoneEnabled=yes NoneSwitch=yes" but this is not working in any way ... (neither in systemd automount files, nor on command line).

Any ideas ? Is it possible in some way in the end to use the -c none flag ? (i still get the Unknown cipher type 'none' when using this cipher on command line).

Thanks in advance.

[S-trace]

Use -o ssh_command="ssh -o NoneSwitch=yes -o NoneEnabled=yes" parameter for sshfs. You will NOT see "WARNING: ENABLED NONE CIPHER!!!", but NONE cipher will be activated (you can check this using Wireshark if you want - just create a file with some text inside on the server and then download it via SSHFS - you will be able to see file's data in strings wireshark_trace.pcap output).