Displaying 2 results from an estimated 2 matches for "dh_gex_sha1".
2001 Apr 03
2
the "primes" file
...ves
>the requirement of having to install an extra configuration file.
I do not see that as a benefit. The purpose of having an extra file
is that you can use new groups without recompiling the binaries.
>* This is not currently done in OpenSSH -- in fact as far as I can tell,
>using the DH_GEX_SHA1 key exchange method, an attacker can send a modulus
>that is not prime (only the length is checked). Is this not a problem?
No. It is not a problem. You have to trust the server already for
everything that you do. If you do not trust your server, I suggest that
you do not connect to it.
ni...
2001 Mar 30
2
BETA release of OpenSSH-2.5.2p2 with SRP
This is to announce the availability of SRP (Secure Remote Password)
support for OpenSSH. A tarball is available on Tripod:
http://members.tripod.com/professor_tom/archives/
http://members.tripod.com/professor_tom/archives/openssh-2.5.2p2-srp5.tar.gz
(Note: Tripod requires you to LEFT click on links to download files.)
To install, unpack, configure --with-srp, and make install, then create an