SRP secure remote password authentication
tom at arcot.com
Thu Sep 18 05:25:27 EST 2003
Dan Kaminsky wrote:
> Consider: You end up having to abandon OS level password systems. No
> PAM, no MD5 passwords...SSH needs to take it all inhouse, because the
Actually, it's just a different "format" for OS-level password systems,
implemented via PAM to support the new EPS password records. So yes,
you can't use crypt() or MD5, but EPS is merely a substitute for those.
The PAM modules make EPS look like just another hash/salt algorithm.
> Search for Tom Holroyd's (Dr. Tom) work on this subject.
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
Chief Security Architect
More information about the openssh-unix-dev