> One alternative is a request systerm, where the authentication is done by
> the server asks you a question (i.e the number 234252) and you look up on
> a chart the coordinating word (i.e. FISH) and thus you are authenticated
> and you password is different every time.
>
> I usually use ssh for authentication, but of course I can't over ham
> radio.
Why can't you? You can turn off the encryption, but leave the authentication
piece in place. You can then use public key to authenticate. Since you aren't
encrypting but signing data, I don't believe you wouldn't run afoul of the
FCC.
Even better is IPSEC, where every packet can be encrypted/signed. Obviously
encryption is out for US hams, but the authenication piece that signs each
packet could be used. IPSEC is available for IPv4, the current IP version,
and the authentication chunk is a requirement for being IPv6 compliant.
Bob N2KGO