[95202] in cryptography@c2.net mail archive
Re: improving ssh
daemon@ATHENA.MIT.EDU (Taral)
Thu Jul 19 09:29:21 2007
Date: Mon, 16 Jul 2007 19:08:14 -0500
From: Taral <taralx@gmail.com>
To: "Ed Gerck" <edgerck@nma.com>
Cc: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <46991969.5070502@nma.com>
On 7/14/07, Ed Gerck <edgerck@nma.com> wrote:
> 1. firewall port-knocking to block scanning and attacks
I would love to see a mode like freenet's silent bob, where connectors
must prove probable knowledge of the host key before the node will
talk.
> 5. block sending host key fingerprint for invalid or no username
This makes some sense...
1. Client may request proof of host private key.
2. Client must authenticate.
3. Client may request a copy of the host public key.
--
Taral <taralx@gmail.com>
"Please let me know if there's any further trouble I can give you."
-- Unknown
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
