PuTTY wish srp-auth

summary: SRP authentication (in SSH and perhaps also Telnet)
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: dormant: This is an old feature request that we no longer think is relevant.

SRP support in SSH, as an alternative to pure password authentication. Possibly also in Telnet.

This would be really useful in SSH, because it removes a lot of the danger of accepting a host key you're uncertain about. The SRP exchange convinces each side that the other side knows the same password, without requiring either side to give the password away to the other - so if you use SRP authentication, you can safely type your password in even if you don't know the remote host key is correct. Moreover, the current drafts of SRP authentication in SSH then use the SRP shared secret to authenticate the SSH host key - so that even if you aren't sure the host key belongs to the host you think it does, you can at least be sure that it does belong to a machine which knows your password. This would be a massive improvement in the SSH host key model.
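The property described above, as an added example (not PuTTY code and not the construction from the SSH SRP drafts): an SRP-6a exchange with both sides run in one process, followed by a check of the host key under the SRP shared secret. Assumptions: the RFC 5054 1024-bit group, a simplified derivation of `x`, an HMAC as a stand-in for the drafts' host key authentication, and the hypothetical names `enroll` and `login`.

```python
import hashlib, hmac, secrets

# Assumption: 1024-bit group from RFC 5054 Appendix A with g = 2 (demo-sized).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def H(*parts):
    """SHA-256 over ints (fixed width) and bytes; returns an int."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p.to_bytes(NLEN, "big") if isinstance(p, int) else p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def enroll(user, password):
    """What the server stores: a salt and verifier v = g^x, not the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, H(salt, user, b":", password), N)

def login(user, typed, salt, v, server_host_key, host_key_seen):
    """One exchange, both sides. Returns (keys_match, client_accepts_host_key)."""
    a = secrets.randbelow(N - 2) + 1            # client secret
    A = pow(g, a, N)                            # client -> server
    b_srv = secrets.randbelow(N - 2) + 1        # server secret
    B = (k * v + pow(g, b_srv, N)) % N          # server -> client, with salt
    if A == 0 or B == 0:
        raise ValueError("degenerate public value")
    u = H(A, B)
    # Client: derives the secret from the typed password.
    x = H(salt, user, b":", typed)
    S_c = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    K_c = hashlib.sha256(S_c.to_bytes(NLEN, "big")).digest()
    # Server: derives it from the stored verifier.
    S_s = pow(A * pow(v, u, N) % N, b_srv, N)
    K_s = hashlib.sha256(S_s.to_bytes(NLEN, "big")).digest()
    # Hypothetical binding: server MACs its host key under the SRP key.
    tag = hmac.new(K_s, server_host_key, hashlib.sha256).digest()
    expect = hmac.new(K_c, host_key_seen, hashlib.sha256).digest()
    return K_c == K_s, hmac.compare_digest(tag, expect)
```

Only `A`, `B` and the salt cross the wire, so the password is never sent; the client accepts the host key it saw during key exchange only when the tag verifies under a key it could derive solely with the right password.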

Resources:

SGT, 2024-11-17: classifying this wish as dormant. Alas, SRP never took off in SSH, and those patches in particular never landed in OpenSSH. I still think it would have been a good thing, because of the ability to verify a host key by the act of successfully logging in – but if there's no community of server software using it, there's no point implementing it in a client.


(last revision of this bug record was at 2024-11-17 14:53:03 +0000)