Wouter Verhelst wrote:
What we came up with is this:
- Server sends a random number as a way to challenge the client for a password
- Client constructs something based on the IP address, password, and the random number the server sent, pumps it through a secure hash algorithm, and sends that back.
- Server constructs the same thing and pumps it through the same algorithm. If the output matches, we're authenticated; if it doesn't match, we're not.
Thoughts, anyone?
But why build that into nbd? You can stunnel the nbd connection, and it takes care of authentication and encryption. And no messy code added to nbd.
-- Paul
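
The challenge-response exchange quoted above, with both sides' computations, as an added example that is not part of the thread and is not nbd code. Assumptions: HMAC-SHA256 keyed with the password stands in for the unspecified "secure hash algorithm", the nonce is 32 bytes, and all function names and sample values are hypothetical. The check covers the handshake only; the data that follows is not protected by it.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # assumption: the post only says "a random number"


def make_challenge() -> bytes:
    """Server side: a fresh, unpredictable nonce for every connection attempt."""
    return secrets.token_bytes(NONCE_LEN)


def compute_response(password: bytes, client_ip: str, nonce: bytes) -> bytes:
    """Both sides: keyed hash over the client IP and the server's nonce.

    HMAC is used rather than a bare hash(ip + password + nonce) so that field
    boundaries and length extension are not a concern. The IP is
    length-prefixed so the (ip, nonce) pair encodes unambiguously.
    """
    ip = client_ip.encode("ascii")
    msg = len(ip).to_bytes(2, "big") + ip + nonce
    return hmac.new(password, msg, hashlib.sha256).digest()


def server_verify(password: bytes, peer_ip: str, nonce: bytes, response: bytes) -> bool:
    """Server side: recompute from the address it sees and compare in constant time."""
    expected = compute_response(password, peer_ip, nonce)
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    password = b"constructed-example-secret"  # constructed sample value
    ip = "192.0.2.10"                          # constructed, documentation range
    nonce = make_challenge()
    good = compute_response(password, ip, nonce)
    return {
        "correct": server_verify(password, ip, nonce, good),
        "wrong_password": server_verify(
            password, ip, nonce, compute_response(b"guess", ip, nonce)),
        # Same response arriving from a different source address.
        "other_ip": server_verify(password, "192.0.2.99", nonce, good),
        # Captured response presented against a new challenge.
        "replayed": server_verify(password, ip, make_challenge(), good),
    }


if __name__ == "__main__":
    print(demo())
```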