Commit Graph

4 Commits

Author SHA1 Message Date
Darren Tucker 43e7a358ff - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
header-order changes to reduce diff vs OpenBSD.
2009-06-21 19:50:08 +10:00
Damien Miller cee8523314 - djm@cvs.openbsd.org 2009/03/05 07:18:19
[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
2009-03-06 00:58:22 +11:00
Darren Tucker c6d744e9cd - dtucker@cvs.openbsd.org 2008/11/07 23:34:48
[auth2-jpake.c]
     Move JPAKE define to make life easier for portable.  ok djm@
2008-11-11 16:33:03 +11:00
Damien Miller 01ed2272a1 - djm@cvs.openbsd.org 2008/11/04 08:22:13
[auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.

     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate of knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.

     This is experimental, work-in-progress code and is presently
     compiled-time disabled (turn on -DJPAKE in Makefile.inc).

     "just commit it.  It isn't too intrusive." deraadt@
2008-11-05 16:20:46 +11:00