Looking for sshlib.py
Tom Holroyd
tomh at po.crl.go.jp
Tue Nov 30 21:56:54 EST 1999
Check out SRPSocket, which creates SRP authenticated sockets.
http://www.aist.go.jp/NIBH/~tomh/SRPSocket.tar.gz
The home page for SRP is http://srp.stanford.edu/srp/
SRP stands for Secure Remote Passwords and is a drop in replacement for
Unix passwords that is safe to use over the network. The main SRP site
has code written in C for telnet and FTP; SRPSocket is pure Python (still
pretty fast though). The only caveats are that the Python random number
generator isn't really good enough -- you should use a different one, and
the default prime field is 128 bits -- I have a 1024 bit one, and you can
of course generate your own big prime numbers... (SRP is a variant of
Diffie-Hellman, but better.)
SRP (and SRPSocket) are free from export restrictions as this is only the
authentication stage. A side effect of the authentication is that you get
a secure, shared key (the length is the output size of the hash used).
You can use this key to bootstrap a longer key (such as an interleaved SHA
key) or use it to encrypt the socket directly, or whatever.
On Tue, 30 Nov 1999, John Leach wrote:
> I'm looking to write a Python frontend for character-based applications
> accessed via the internet.
> telnet works well but I'd like something with more security (telnet sends
> its password unencrypted I believe).
> I'll try calling ssh from within Python and see if that helps.
> Thanks for your reply,
> John Leach
> http://www.bosware.com.au
Dr. Tom Holroyd
I would dance and be merry,
Life would be a ding-a-derry,
If I only had a brain.
-- The Scarecrow
More information about the Python-list
mailing list