improving ssh
Taral
taralx at gmail.com
Mon Jul 16 20:08:14 EDT 2007
On 7/14/07, Ed Gerck <edgerck at nma.com> wrote:
> 1. firewall port-knocking to block scanning and attacks
I would love to see a mode like freenet's silent bob, where connectors
must prove probable knowledge of the host key before the node will
talk.
> 5. block sending host key fingerprint for invalid or no username
This makes some sense...
1. Client may request proof of host private key.
2. Client must authenticate.
3. Client may request a copy of the host public key.
--
Taral <taralx at gmail.com>
"Please let me know if there's any further trouble I can give you."
-- Unknown
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list