Re: Generic challenge-repsonse aunetication in ssh2

[Frank Cusack]

In message <>, 
Stefan Jon Silverman writes:
> having to worry about the client. There should also be some more work
> done on the protocol specs to deal with un-updated clients and rollover
> to other authentication mechanisms.

I don't think anything needs to be said about un-updated clients:
they simply won't work. Rollover to other mechanisms is already
specified.

> 
>       For the wish list, I would love to see the binary configuration
> flags for authentication types modified to reflect some sort of
> ordering of desired methods (perhaps even allowing several to be at the
> same level). It would also be nice to introduce the concept of

This could be accomplished easily through PAM; except for RSA auth,
and that may even be possible through PAM_BINARY (but I doubt it).

I really will work on posting my PWPLUS spec this weekend. :)
I'll also try to make ssh1 patches available to those in the US.

~frank