Last S/Key thing to consider...

Ben Lindstrom mouring at
Fri Nov 10 13:15:38 EST 2000

What is everyone's opinion on reverting back to the OpenBSD's auth-skey.c
which uses S/Key's sha1.h and libskey.a instead of OpenSSL.

Personally it does not matter to me.  I would perfer to revert back
myself to reduce the differences between the two code trees.  (Or if
OpenBSD could pick up the changes.  Either way.)

I've already sent a patch to the person doing the portable OpenBSD S/Key
library with a few minor corrects and a request to expose sha1.h since
I know a few other projects that would use it.

Either way it won't really matter since it's only used to generate the
false S/Key response (But they do actually give different OTP outputs).

- Ben

More information about the openssh-unix-dev mailing list