AFS and tokenforwarding

Tom Holroyd tomh at po.crl.go.jp
Fri Oct 5 11:15:28 EST 2001


On 4 Oct 2001, Bjoern Groenvall wrote:

> I don't think any of the ssh (at least v1) authentication mechanisms
> really authenticate the server. ...
> A similar problem exists with the common "pass passwords in
> the clear" methods used by ssh. Hopefully this is fixed in v2 but I
> never really bothered to check.

Just FYI, the OpenSSH SRP patch (v2 protocol only,
see http://members.tripod.com/professor_tom/archives/index.html) solves
both of these problems -- with SRP you only enter your password/passphrase
on the client side, it's secure against MITM attacks, and it authenticates
the server (i.e. with SRP you KNOW that the server really contains your
secret verifier, and isn't just letting you in) in addition to the client.

SRP can also be forwarded over untrusted hosts, although the current
implementation doesn't do it yet.  This would solve the problem of
entering a password on a client that's running on a remote (and possibly
cracked) host by forwarding the SRP session back to the real (local)
client (or agent).

Dr. Tom Holroyd
"I am, as I said, inspired by the biological phenomena in which
chemical forces are used in repetitious fashion to produce all
kinds of weird effects (one of which is the author)."
	-- Richard Feynman, _There's Plenty of Room at the Bottom_
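As an added illustration of the exchange Tom describes (this is example code written for this page, not the OpenSSH SRP patch's code), the following Python runs one SRP-6a login with both sides' messages: the password is only ever used on the client side, the server proves it holds the verifier by producing a correct M2, and a server that lacks the verifier fails that check even though it claims to accept the login. The 1024-bit group is the one from RFC 5054; SHA-256 as the hash, the username "tomh", the passwords and the salt are all choices made here for the example.

```python
"""SRP-6a mutual authentication demo (example code, not the OpenSSH SRP patch)."""
import hashlib
import secrets

# RFC 5054 1024-bit group; SHA-256 is this example's choice of hash.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8


def pad(x):
    return x.to_bytes(NLEN, "big")


def H(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


k = H(pad(N), pad(g))  # SRP-6a multiplier


def private_x(salt, username, password):
    return H(salt, hashlib.sha256(f"{username}:{password}".encode()).digest())


def make_verifier(username, password):
    """Enrolment: only (salt, v = g^x) is stored server-side, never the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(salt, username, password), N)


class Client:
    def __init__(self, username, password):
        self.I, self.P = username, password  # password stays in this process
        self.a = secrets.randbelow(N - 2) + 1
        self.A = pow(g, self.a, N)

    def step1(self):
        return self.I, self.A  # client -> server

    def step2(self, salt, B):
        if B % N == 0:
            raise ValueError("degenerate B from server")
        u = H(pad(self.A), pad(B))
        x = private_x(salt, self.I, self.P)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = hashlib.sha256(pad(S)).digest()
        self.M1 = hashlib.sha256(pad(self.A) + pad(B) + self.K).digest()
        return self.M1  # client -> server: proof of the password

    def step3(self, M2):
        """True only if the server derived the same K, i.e. it really holds v."""
        want = hashlib.sha256(pad(self.A) + self.M1 + self.K).digest()
        return secrets.compare_digest(M2, want)


class Server:
    def __init__(self, users):
        self.users = users  # username -> (salt, verifier)

    def step1(self, I, A):
        if A % N == 0:
            raise ValueError("degenerate A from client")
        self.A = A
        self.salt, self.v = self.users[I]
        self.b = secrets.randbelow(N - 2) + 1
        self.B = (k * self.v + pow(g, self.b, N)) % N
        return self.salt, self.B  # server -> client

    def step2(self, M1):
        u = H(pad(self.A), pad(self.B))
        S = pow(self.A * pow(self.v, u, N), self.b, N)
        self.K = hashlib.sha256(pad(S)).digest()
        want = hashlib.sha256(pad(self.A) + pad(self.B) + self.K).digest()
        if not secrets.compare_digest(M1, want):
            return None  # wrong password: refuse
        return hashlib.sha256(pad(self.A) + M1 + self.K).digest()  # M2 -> client


class ImpostorServer:
    """Knows the (public) salt but not v, so it cannot compute K; it just bluffs."""
    def __init__(self, salt):
        self.salt = salt

    def step1(self, I, A):
        self.B = pow(g, secrets.randbelow(N - 2) + 1, N)
        return self.salt, self.B

    def step2(self, M1):
        return secrets.token_bytes(32)  # "letting you in" with a fake M2


def run_login(client, server):
    """Returns (client_trusts_server, server_claims_accept)."""
    I, A = client.step1()
    salt, B = server.step1(I, A)
    M2 = server.step2(client.step2(salt, B))
    if M2 is None:
        return False, False
    return client.step3(M2), True


if __name__ == "__main__":
    salt, v = make_verifier("tomh", "correct horse")  # constructed credentials
    print(run_login(Client("tomh", "correct horse"), Server({"tomh": (salt, v)})))
    print(run_login(Client("tomh", "wrong"), Server({"tomh": (salt, v)})))
    print(run_login(Client("tomh", "correct horse"), ImpostorServer(salt)))
```

The third run is the case Tom is pointing at: an impostor in the middle can relay the salt and answer with any B, but without the verifier it cannot derive K, so its M2 is rejected on the client side, and nothing the client sent (A, M1) lets it recover the password offline.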
More information about the openssh-unix-dev mailing list