On Thu, Mar 16, 2000 at 01:46:22PM -0500, Phillip Rulon wrote:
> Provide equivalent functionality with lsh. Does it do RSA key
> authentication, etc? If so, we should first configure it to run lsh
> primarily and the hand off to ssh on failure. That way lsh is given
> preferential treatment. Then we can test the connection and make sure
> that it will actually run.
>
> The point is that RSA is the problem.
Sorry, I meant RSA-like authentication. I'm don't care how it does it.
> If we set up lsh to use it we won't
> be able to use lsh ether. Having said that, I think we should try to use lsh
> as it is, even if it means marginally less security. The DTRT way to go on
> this is kserver:. But we seem to have a fear of kerberos problem.
Not really a fear: It's simply an option that we have provided to people
so far, and I beleive that it's better to try to solve the problem rather
than Hurd them in another direction. From other emails on this list, it
looks like the next version of lsh will do everything that we need, so I
feel it's best to go ahead with that plan.
Besides, it'll be good publicity for lsh anyway.. ;)
--
There is no sin except stupidity.
- Oscar Wilde
