On Sun, 5 Dec 1999, Darxus wrote:
> This disturbs me immensely.
> I have no desire do do anything commercial or criminal over these
> connections, I just want to keep people w/ packet sniffers off of my root
> password.
You need to use zero knoweldge authentication.
SRP (http://freshmeat.net/appindex/1998/12/02/912647990.html) is a ZKP
that is available as a PAM module for linux, with modified telnet and ftp
clients available.
With a zero knoweldge protocol, even an active MtM can not determin your
password.
