Chris Lonvick <clonvick%cisco.com@localhost> writes: Very minor nitpick, the sentence break attaches the "Openwall" to the following sentence, so it appears to be reading: can yield information about the length of the password. [Openwall] Implementors should use the SSH_MSG_IGNORE packet as described Peter.