[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Getting SRP into the tree.
>>>>> "Slawek" == Slawek Zak <S.Zak@altkom.com> writes:
Slawek> plain text (I know about S/Key but read on) and because of
Slawek> possibility of getting your password when the attacker has
Slawek> the root privs on the server you are connecting to. SRP
Slawek> doesn't make you reveal your password to the server ever.
Don't forget about RSA authentication. This way your passphrase never
leaves your system. ssh(1)
About "ever", I don't remember if password can be changed without actually
giving it to the server, can it?