On Sun, Mar 23, 2014 at 4:59 AM, Peter Stuge <peter@xxxxxxxx> wrote: > What's the problem with forking and writing to the pipe from the > parent only when it is writable? If the child process does not explicitly close stdin then there is no way to know if it is actually being read from. All that is known is that you can write *some* data to the pipe, but once the pipe's buffer fills up and it is not emptied then the parent process (sshd) will block indefinitely. The only way this could be avoided is by introducing some sort of timeout to the write. Polling to see when you can write without blocking won't be enough because the child process may just be slow to read the pipe, or it may have stopped reading before EOF. The only safe way to pass the key via a pipe is to require any AuthorizedKeysCommand to either explicitly close stdin or consume stdin until EOF. There's no way to enforce this in code, and there's likely already a lot of commands in use that do neither of these. Hence passing the data in environment variables or parameters are the only safe ways to do this. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
