Re: [RFE] Multiple ssh-agent support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 18/09/15 15:47, Fabiano Fidêncio wrote:
Howdy!

I've been working on a prototype that allows to do ssh-agent forward
between a guest, using SPICE, and a spice client
(remote-viewer/virt-viewer/spicy)
The whole idea is to have something similar to "ssh -A guest", but
integrated with the desktop environment.

As a proof of concept I wrote a standalone ssh-agent that _unlink_ the
current running agent in the guest machine and creates its socket in
the same path used by the old agent.
unlinking the socket seems a bit overkill. You could play with
SSH_AUTH_SOCK



A few possible solutions for this would involve a way to support more
than one agent, talking to both (the local one and the spice one),
merging then their responses and returning it to any application who
sent the request. Note that would be really nice if we can limit it to
do just some operations (like, ssh-add .ssh/id_rsa probably must not
go to the spice agent).

I would make a proxy ssh agent that linearly attempts from each
child agent. The add operations would always go to the first agent
(unless it returned an error?).

I also like the idea of SSH_AUTH_SOCK containing a list of sockets.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux