Date: Tue, 2 Jun 1998 13:32:26 +0200 From: Eivind Eklund <eivind@yes.no> To: ark@eltex.spb.ru Cc: robert+freebsd@cyrus.watson.org, Poul-Henning@paranoid.eltex.spb.ru, Kamp@paranoid.eltex.spb.ru, phk@critter.freebsd.dk, "J.A.,Terranson"@paranoid.eltex.spb.ru, sysadmin@mfn.org, "freebsd-security@FreeBSD.ORG"@paranoid.eltex.spb.ru, freebsd-security@FreeBSD.ORG Subject: Re: MD5 v. DES? Message-ID: <19980602133226.00055@follo.net> In-Reply-To: <199806021201.MAA19702@paranoid.eltex.spb.ru>; from ark@eltex.spb.ru on Tue, Jun 02, 1998 at 12:01:01PM %2B0000 References: <19980602015132.55099@follo.net> <199806021201.MAA19702@paranoid.eltex.spb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 02, 1998 at 12:01:01PM +0000, ark@eltex.spb.ru wrote: > > The SSH-1 protocol doesn't make it possible to use s/key for one-time > > passwords, at least. There is no provision for showing a challenge to > > the user. > > Don't know what is "SSH-1" protocol you are reffering to, but ssh > (at least versions 1.2.20 and newer) do support OTP and even > authentication server. Are you referring to the SecurID support? This is challenge-free, and this comment is from the third paragraph of README.SECURID in the ssh distribution: [ ... ] It would be nice if we could change the prompt, but this would involve changing the dialog between the server and the client (since it the server that knows the user's authentication protocol, but the client which does the prompt). Maybe next time. As I said, there is no way of presenting a challenge - which is extremely annoying. I don't know if this is fixed in V2.0 of the protocol. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980602133226.00055>