Greetings, I'm doing some research into ssh and its underlying cryptographic methods and I have questions. I don't know whom else to ask and humbly ask for forgiveness if I'm way OT.
So, SSH uses algorithms like ssh-dss or ssh-rsa to do key exchange. These algorithms can defeat any attempts on eavesdropping, but cannot defeat man-in-the-middle attacks. To defeat them, some pre-shared information is needed - key fingerprint. If hypothetically someone uses instead of the plain text authentication some challenge-response scheme, based on user's password or even a hash of user's password would ssh be able to avoid the need the user to have key fingerprints of the server prior the first connection? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
