I wish there was a variant of sftp that used ssh for authentication and then dropped the encryption for transfer. I am transferring files over the local network and I do not care that our smart TV¹ is sniffing the packets. But what I *do* care about is that when I'm logging in my password not be sent in the clear²
¹ DEFINITELY compromised by at least three nation-state actors
² Where it will be captured by the nation-state actors which have compromised our smart TV
@mcc after many years wishing for this myself I don’t think it makes sense. If the transfer is unencrypted then attackers can not just observe but also corrupt (read: totally overwrite) the transfer in progress, in which case, why do you care about authentication at all, if your network is secure? Use plaintext HTTP.
@mcc I think most of the ssh perf stuff is addressed by figuring out which ciphers are accelerated on your particular hardware and sticking to those
