In article <419322d3$0$43451$e4fe514c@news.xs4all.nl>,
Casper H.S. Dik <Casper.Dik@Sun.COM> wrote:

>Lawrence D¹Oliveiro <ldo@geek-central.gen.new_zealand> writes:
>
>>No. The password is never transmitted to the remote system in SSH.
>
>You're wrong. Looking through a "truss" of the ssh server
>it does call crypt() when you use a password authenticated login.
>That means it will have gotten the clear text password (but it's
>send over an encrypted connection)

I see, so all encryption is done starting with the host key
(/etc/ssh/ssh_host_key), not the user's password, as I thought.

>The server has a key which is verified, that's how ssh protects
>against rogue servers.

This, of course, is the real weakness in the way SSH is normally used,
in that people happily accept the offered host key the first time they
log into a machine, instead of installing the host key via some secure
channel.