Mercurial > dropbear
view TODO @ 45:9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
remote hostkey verification though.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 03 Aug 2004 17:26:56 +0000 |
parents | 469950e86d0f |
children | 59d16db56e9f |
line wrap: on
line source
Current: Things which need doing: - Make options.h generated from configure perhaps? - investigate self-pipe? - fix agent fwd problems - improve channel window adjustment algorithm (circular buffering) - Don't use pregenerated AES tables - check PRNG - check that there aren't timing issues with valid/invalid user authentication feedback. - IP6 (binding to :: takes over ipv4 as well, sigh. If anyone wants to suggest a clean way (ie no V4MAPPED or setsockopt things) please let me know :) - Binding to different interfaces (see ipv6 probably) - PAM ?? - inetd - possible RSA blinding? need to check whether this is vuln to timing attacks - CTR mode, SSH_MSG_IGNORE sending to improve CBC security - DH Group Exchange possibly - Use m_burn for clearing sensitive items in LTM/LTC - fix scp.c for IRIX