On Mon, 8 Feb 1999, Martin Forssen wrote:
> I am not really sure that is a good idea since the conditions are quite
> different. The draft mentioned above is quite concerned with protecting
> the authentication data while on the wire whereas in ssh we already have a
> secure channel when authenticating.
Fair enough. I didn't say it should be identical, but it'd be a lot
better if whatever mechanism is used in SSH can share the same format for
the predigested password verifiers on the server end. FYI, there appears
to be a good chance that DIGEST-MD5 will have OS support in Windows 2000.
It's certainly nice to be able to use the OS password services rather than
rolling your own.
- Chris
- Generic challenge-repsonse aunetication in ssh2 Martin Forssen
- Re: Generic challenge-repsonse aunetication in ... Frank Cusack
- Re: Generic challenge-repsonse aunetication... Andrew Morgan
- Re: Generic challenge-repsonse aunetication in ... Joe Rhett
- Re: Generic challenge-repsonse aunetication in ... Chris Newman
- Re: Generic challenge-repsonse authenticati... Jean Chouanard
- Re: Generic challenge-repsonse aunetication... Martin Forssen
- Re: Generic challenge-repsonse aunetica... Chris Newman
- Re: Generic challenge-repsonse aune... William H. Geiger III
- Re: Generic challenge-repsonse... Chris Newman
- Re: Generic challenge-reps... Martin Forssen
- Re: Generic challenge-... Chris Newman
- Re: Generic challenge-... Frank Cusack
- Re: Generic challenge-... Chris Newman
- Re: Generic challenge-repsonse aunetication in ... Jean Chouanard
- Re: Generic challenge-repsonse aunetication... Andrew Morgan
- Re: Generic challenge-repsonse aunetica... Jean Chouanard
- Re: Generic challenge-repsonse aune... Martin Forssen
