Date: Tue, 02 Jun 1998 08:13:31 -0700 From: Mike Smith <mike@smith.net.au> To: Roger Marquis <marquis@roble.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: SSH + s/key (was: Re: MD5 v. DES) Message-ID: <199806021513.IAA00439@antipodes.cdrom.com> In-Reply-To: Your message of "Mon, 01 Jun 1998 21:18:55 PDT." <Pine.SUN.3.96.980601210938.14212B-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Tue, 2 Jun 1998, Eivind Eklund wrote: > > The SSH-1 protocol doesn't make it possible to use s/key for one-time > > passwords, at least. There is no provision for showing a challenge to > > the user. > > Partly true. You can accomplish the same goal by creating an "skey" user > account with no password and skeysh as the shell. "ssh <remote_host> -l > skey" will establish an encrypted connection, log into the skey account > and ask for a username before displaying the skey sequence number and > password prompt. Except that logging in is only one of the things that you do with a username/password pair. How does this help, eg. FTP? -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806021513.IAA00439>