Re: Proposal: have client CVS send remote username to server CVS

[Derek R. Price]

Noel L Yap wrote:

> How can an SSH server know that the SSH client hasn't been compromised and is
> sending a spoofed username?

By requiring the client to send a password known to the server or to encrypt its
connection/keys/whatever it is using the proper private key (in other words, a
private key with a corresponding & appropriate public key already known to the
server).

--
Derek Price                      CVS Solutions Architect
mailto:[EMAIL PROTECTED]     OpenAvenue ( http://OpenAvenue.com )
--
160. I'm not a complete idiot - several parts are missing.