Re: Forbid connexions when no passphrase

From: Greg Wooledge (wooledg@eeg.ccf.org)
Date: 03/20/03

  • Next message: Jason Rimmer: "Bad packet length... argh"
    Date: Thu, 20 Mar 2003 08:37:10 -0500
    From: Greg Wooledge <wooledg@eeg.ccf.org>
    To: "Turenne, Eric" <eric@sen.dyndns.org>
    
    

    On Wed, Mar 19, 2003 at 07:46:51AM +0100, Turenne, Eric wrote:
    > Is there a way to forbid connexions from users who have
    > created passwordless (passsphraseless ?) private keys ?

    No, there isn't, because the client does not reveal to the server
    any information about the user's passphrase, or lack thereof. It
    merely uses a zero-knowledge proof that it holds the private key,
    to prove to the server that it's allowed to connect.


  • Next message: Jason Rimmer: "Bad packet length... argh"