by oneru 3679 days ago
Ssh does a fingerprint verification and establishes a secure channel before it does the password exchange. Avoiding replay attacks can be a challenge as well. Putting strong authentication in a single packet is deceptively nontrivial. It can be done, but at that point you'd be reimplementing Fwknopd. Additionally, Fwknop can protect more than just ssh, and do fancy things like providing access to a machine without a public IP address.

Disclaimer: I'm one of the Fwknop devs. =)
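
The replay problem the comment raises, as an added example that is not part of the comment and is not fwknop's code or packet format: a receiver for a single authenticated datagram that checks an HMAC, a freshness window, and a nonce cache. The packet layout, the 120-second window, and the names `build_packet` and `Verifier` are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time

MAX_SKEW = 120                # seconds a packet stays acceptable (assumed policy)
TAG_LEN = 32                  # HMAC-SHA256 output size
HDR = struct.Struct("!Q16s")  # timestamp (8 bytes) + random nonce (16 bytes)


def build_packet(key, request, now=None):
    """Client side: timestamp || nonce || request || HMAC over all of it."""
    ts = int(time.time() if now is None else now)
    body = HDR.pack(ts, os.urandom(16)) + request
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Verifier:
    """Server side: authenticate one datagram and refuse replays."""

    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only while inside the window

    def verify(self, packet, now=None):
        """Return the request bytes if the packet is authentic and fresh, else None."""
        now = time.time() if now is None else now
        if len(packet) < HDR.size + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return None
        ts, nonce = HDR.unpack_from(body)
        if abs(now - ts) > MAX_SKEW:                # stale or future-dated packet
            return None
        # Forget nonces outside the window; the time check already rejects them.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= MAX_SKEW}
        if nonce in self.seen:                      # replay inside the window
            return None
        self.seen[nonce] = ts
        return body[HDR.size:]
```

This sketch only authenticates the request and leaves it in cleartext, and it assumes the two clocks agree to within the window.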