search for: dh_gex_sha1

...ves >the requirement of having to install an extra configuration file. I do not see that as a benefit. The purpose of having an extra file is that you can use new groups without recompiling the binaries. >* This is not currently done in OpenSSH -- in fact as far as I can tell, >using the DH_GEX_SHA1 key exchange method, an attacker can send a modulus >that is not prime (only the length is checked). Is this not a problem? No. It is not a problem. You have to trust the server already for everything that you do. If you do not trust your server, I suggest that you do not connect to it. ni...

This is to announce the availability of SRP (Secure Remote Password) support for OpenSSH. A tarball is available on Tripod: http://members.tripod.com/professor_tom/archives/ http://members.tripod.com/professor_tom/archives/openssh-2.5.2p2-srp5.tar.gz (Note: Tripod requires you to LEFT click on links to download files.) To install, unpack, configure --with-srp, and make install, then create an