[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh linkage madness

>   SSH clearly assumes that the underlying stream is already encrypted and
>   the MIT code (am I right Ken?) must then returns the credentials un-
>   encrypted unless there is a session key to use?!?!?

I don't actually know what SSH does (we don't use it), but I believe the
MIT code assumes you have a session key (or subkey) in the authorization
context.  That's what you were asking, right?