S/Key solution

Gert Doering gert at greenie.muc.de
Fri Nov 10 10:10:44 EST 2000


Hi,

On Thu, Nov 09, 2000 at 10:30:28AM -0600, Ben Lindstrom wrote:
> Moving back to skey_keyinfo() makes it work, *BUT* ignores the original
> problem which is stated in the 1.1 check in comments by Markus:
[..]
> So I assume the solution should be doing something like:
> 
> char *skey_fake_keyinfo(char *username)
> {                                               
>         int i;                                  
>         static char str[SKEY_MAX_CHALLENGE];    
>         struct skey skey;                       
>                                                 
>         i = skeychallenge(&skey, username, str);
>         if (i == -1) { ** Generated Fake Response ** } 
> 	                                                    
>         return(str);                            
> }                                               

Sounds fine to me, and should catch both problems.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de





More information about the openssh-unix-dev mailing list