* Move password authentication handling into sshd/auth (fixes#394).
Password authentication is now completely handeled in Auth. The normal
keyboard-interactive handler checks if passwords are supported and asks
for them, removing the need to override the callbacks.
Brute force throttling is removed; I'd like to base it on IP address
banning, which requires changes to the checks.
I'm not sure, but I think timing attacks against the password are fixed:
- The hashing of the real password happens only at startup.
- The hashing of a provided password is something an attacker can do
themselves; It doesn't leak anything about the real password.
- The hash comparison is constant-time.
* refactor checks, IP-ban incorrect passphrases, renames
- s/assword/assphrase/, typo fixes
- bans are checked separately from public keys
- an incorrect passphrase results in a one-minute IP ban
- whitelists no longer override bans (i.e. you can get banned if you're
whitelisted)
* (hopefully) final changes
For #285
Turns out there were some bugs in Set, and I was using it incorrectly too.
The query syntax is a little awkward but couldn't find a nicer easy to parse format that worked with quoted string values.
