view TODO @ 452:4cab61369879

Prevent invalid packets being sent during key-exchange, instead queue them until afterwards. This could sometimes terminate connections after 8 hours if (for example) a new TCP forwarded connection was sent at the KEX timeout.
author Matt Johnston <matt@ucc.asn.au>
date Fri, 27 Jul 2007 17:13:42 +0000
parents 0cbe8f6dbf9e
children
line wrap: on
line source

Current:

Things which might need doing:

- default private dbclient keys

- Make options.h generated from configure perhaps?

- handle /etc/environment in AIX

- check that there aren't timing issues with valid/invalid user authentication
  feedback.

- Binding to different interfaces

- CTR mode
- SSH_MSG_IGNORE sending to improve CBC security
- DH Group Exchange possibly, or just add group14 (whatever it's called today)

- fix scp.c for IRIX

- Be able to use OpenSSH keys for the client? or at least have some form of 
  encrypted keys.

- Client agent forwarding

- Handle restrictions in ~/.ssh/authorized_keys ?