nanogui@linuxhacker.org

> I'm not trying to implement encryption of the session itself (that could
> be done via ssh if you need it and are prepared to pay the code size and 
> performance penalties); just to prevent a cracker from being able to snoop
> the password and then use the remote access capability to gain control of
> the machine.

If the cracker can snoop the password he can do session takeover without
starting a new session. So how does it help ?