[cryptography] ssh-keys only and EKE for web too (Re: preventing protocol failings)

Ralph Holz holz at net.in.tum.de
Wed Jul 13 08:21:43 EDT 2011


On 07/13/2011 01:34 PM, Ian G wrote:
> Is there any reason why the ssh client-side can't generate the key, take
> the password from the user, login and install the key, all in one
> operation?

Hm, I think there's actually a tool to do just that, although I don't
remember the name. You'd probably still have to disable password access.


Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110713/1611de77/attachment.asc>

More information about the cryptography mailing list