SRP secure remote password authentication

Jeremy Nysen jnysen-openssh at
Thu Sep 18 08:58:34 EST 2003

--On Wednesday, 17 September 2003 12:25 PM -0700 Tom Wu <tom at> wrote:

> Dan Kaminsky wrote:
>> Consider:  You end up having to abandon OS level password systems.  No
>> PAM, no MD5 passwords...SSH needs to take it all inhouse, because the
> Actually, it's just a different "format" for OS-level password systems, implemented via
> PAM to support the new EPS password records.  So yes, you can't use crypt() or MD5, but
> EPS is merely a substitute for those. The PAM modules make EPS look like just another
> hash/salt algorithm.

I've been using Tom Holroyd's OpenSSH SRP patches for quite a while and they do exactly 
that. Under Redhat, the PAM module makes the EPS verifiers transparent to the 
applications, and lets EPS work with anything that uses PAM, (eg. Samba, login, imap, 
pop, ldap, etc). OpenSSH can still authenticate with EPS without the SRP patches through 
the PAM subsystem, but obviously this doesn't use the SRP protocol.

Also, looking at the SRP terms of use license, it seems to me that although there is a 
patent, there is not a patent problem. I would be all for the inclusion of something like 
Tom Holroyd's patch into the official OpenSSH tree - even if it was only included as an 
explicit compile time switch.


More information about the openssh-unix-dev mailing list