Quoting Alex Bligh <alex@xxxxxxxxxxx>: > So could they exchange a secret as part of the session, obviating > the need for any set up? If by set up, you mean "the rest of the SSH authentication", then surely not. MD5 pre-shared secrets are probably fine for "port-knocking" or even RST-proofing purposes, but not for authenticating SSH sessions to servers. =M= _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev