openssh-unix-dev January 2011 archive
Main Archive Page > Month Archives  > openssh-unix-dev archives
openssh-unix-dev: Re: SRP for OpenSSH

Re: SRP for OpenSSH

From: Albert Strasheim <albert.strasheim_at_nospam>
Date: Sun Jan 23 2011 - 19:04:16 GMT
To: Markus Friedl <mfriedl@gmail.com>

Hello

On Sun, Jan 23, 2011 at 8:14 PM, Markus Friedl <mfriedl@gmail.com> wrote:
> OpenSSH already has jpake support.

Have the concerns about JPAKE mentioned in the comments in this blog:

http://rdist.root.org/2010/09/08/clench-is-inferior-to-tlssrp/

been resolved?

For example: "The JPAKE in OpenSSH is unfinished and I donít recommend
enabling it".

Regards

Albert

> On Saturday, January 22, 2011, Albert Strasheim
> <albert.strasheim@gmail.com> wrote:
>> Hello all
>>
>> Support for Secure Remote Password (SRP) for OpenSSH was last discussed in 2004:
>>
>> http://marc.info/?l=openssh-unix-dev&w=2&r=1&s=SRP&q=b
>>
>> There's a SRP patch for OpenSSL that's about 2 years in the making:
>>
>> http://rt.openssl.org/Ticket/Display.html?id=1794
>>
>> Tom Wu from Stanford has been working on that.
>>
>> Has anything changed since 2004 that would make inclusion of SRP in
>> OpenSSH possible now?
>>
>> Regards
>>
>> Albert
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev