* Michael Richardson <m...@sandelman.ca> [24.12.2015 22:14]:
> 2) if the user is "used" to a key mismatch, and they type their password in,
>    the password has just been compromised.

this is indeed true for IPv6/linklocal

> A better approach is that the ssh daemon should start, open port 22, and then
> do SSHv2 transport mode up to the key-exchange, and then just respond to
> keep alives, ideally with a message to "Please stand by", if we can find
> a way to do that in-protocol. (wow. it's been 18 years since I worked at 
> ssh...)

this is very interesting.
i'am not sure how big this impact is to the dropbear codebase, but i like it.

thanks for your feedback. bye, bastian
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Reply via email to