[MUD-Dev] strong encryption for authentication

Fred Clift fclift at verio.net
Thu Jul 12 09:20:29 New Zealand Standard Time 2001

On Wed, 11 Jul 2001, Robert Fleck wrote:

> The main problem I see with this is that your server now has to
> support x ssh sessions, where x is the number of players.  That's
> a _lot_ of computation, and combined with an medium complexity
> active mud, with a reasonable number of players...  You'd overload
> the mud server.  And who really wants to buy a crypto accelerator
> for a mud server?  :)

I have a mostly idle second cpu right now as it is, and well,
frankly, my mud is uh, underloaded :).  a single proc 500-700mhz
pent II could not even break a sweat on 50 or 100 ssh connections.

But at any rate, I guess what I really want is cryptographically
strong authentication, but not necessarily session encrpytion.  Ssh
probably isn't a good fit for this, but it'd be a quick hack to
allow it for those of us who aren't turning away players because of
load.  ( average daytime connections (mostly north american players)
in the 30s, average usa night time connections (from sweeden and
asia primarily - not sure why the swedes are the only Europeans we
get mostly...) in the teens to mid 20s.

So, how about good, non-clear text authentication, without
necessarily having session encryption?

Oh, and I'd love to get my hands on some crypto software -- It'd
definitely be a fun toy :).


Fred Clift - fclift at verio.net -- Remember: If brute 
force doesn't work, you're just not using enough.

MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the MUD-Dev mailing list