On 14 January 2016 at 20:57, Darren Tucker <dtucker@xxxxxxxxxx> wrote: >> * Add "TCPMD5 foorbarSecret" to sshd_config >> * SSH with "-oTCPMD5=foobarSecret" > Have you considered making this a stand-alone tool? Something that > listens and execs sshd -i on the server side and could be used as a > ProxyCommand on the client side. That'd be potentially usable by > other services. No I hadn't. Good idea. I think there may be some aspects you'd be missing out on (or reimplement, or outsource to e.g. inetd), such as (account) password brute force protection. I haven't tried it, but I suspect sshd -i can't limit to 10 concurrent preauth sessions each getting one attempt per second which sshd otherwise does by default. -- ☢ Thomas ☢ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev