summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/lib
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2008-11-04 08:22:14 +0000
committerDamien Miller <djm@cvs.openbsd.org>2008-11-04 08:22:14 +0000
commit6d6cc1a771a01cfb0780b7838a8906907e05decb (patch)
treed51a92e922e99b0362d3bc99f2e42f7da3bfde78 /usr.bin/ssh/lib
parent48875799da9efccdddf642e514c036278e48eec1 (diff)
Add support for an experimental zero-knowledge password authentication
method using the J-PAKE protocol described in F. Hao, P. Ryan, "Password Authenticated Key Exchange by Juggling", 16th Workshop on Security Protocols, Cambridge, April 2008. This method allows password-based authentication without exposing the password to the server. Instead, the client and server exchange cryptographic proofs to demonstrate of knowledge of the password while revealing nothing useful to an attacker or compromised endpoint. This is experimental, work-in-progress code and is presently compiled-time disabled (turn on -DJPAKE in Makefile.inc). "just commit it. It isn't too intrusive." deraadt@
Diffstat (limited to 'usr.bin/ssh/lib')
-rw-r--r--usr.bin/ssh/lib/Makefile4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile
index 9a29b844b93..73de4c8cf28 100644
--- a/usr.bin/ssh/lib/Makefile
+++ b/usr.bin/ssh/lib/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.57 2008/09/06 12:24:16 djm Exp $
+# $OpenBSD: Makefile,v 1.58 2008/11/04 08:22:13 djm Exp $
.PATH: ${.CURDIR}/..
@@ -12,7 +12,7 @@ SRCS= authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c \
key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \
ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \
kexdhc.c kexgexc.c scard.c msg.c progressmeter.c dns.c \
- monitor_fdpass.c umac.c addrmatch.c
+ monitor_fdpass.c umac.c addrmatch.c schnorr.c jpake.c
DEBUGLIBS= no
NOPROFILE= yes