From 84ac3057044b8df2c94040e5196a1216a840c1cb Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Mon, 21 Jul 2014 12:16:49 +0200
Subject: [PATCH] Comment out (potentially) insecure ciphers arcfour and none.

---
 phpseclib/Net/SSH2.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php
index 395da5a2..aed3b4ab 100644
--- a/phpseclib/Net/SSH2.php
+++ b/phpseclib/Net/SSH2.php
@@ -1098,7 +1098,7 @@ class Net_SSH2
                 'arcfour256',
                 'arcfour128',
 
-                'arcfour',        // OPTIONAL          the ARCFOUR stream cipher with a 128-bit key
+                //'arcfour',        // OPTIONAL          the ARCFOUR stream cipher with a 128-bit key
 
                 // CTR modes from <http://tools.ietf.org/html/rfc4344#section-4>:
                 'aes128-ctr',     // RECOMMENDED       AES (Rijndael) in SDCTR mode, with 128-bit key
@@ -1126,7 +1126,7 @@ class Net_SSH2
                 '3des-ctr',       // RECOMMENDED       Three-key 3DES in SDCTR mode
 
                 '3des-cbc',       // REQUIRED          three-key 3DES in CBC mode
-                'none'            // OPTIONAL          no encryption; NOT RECOMMENDED
+                //'none'            // OPTIONAL          no encryption; NOT RECOMMENDED
             );
 
             if (phpseclib_resolve_include_path('Crypt/RC4.php') === false) {