Re: [RFE] Multiple ssh-agent support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, Sep 18, 2015 at 7:07 PM, Peter Stuge <peter@xxxxxxxx> wrote:
> Fabiano Fidêncio wrote:
>> A few possible solutions for this would involve a way to support more
>> than one agent, talking to both (the local one and the spice one),
>> merging then their responses and returning it to any application who
>> sent the request. Note that would be really nice if we can limit it to
>> do just some operations (like, ssh-add .ssh/id_rsa probably must not
>> go to the spice agent).
>>
>> But how to do that? What could be a good approach for doing that?
>
> One obvious approach is to create a proxy agent which looks like an
> agent to all clients, but which also integrates with SPICE.

This is a good solution, probably the best one. The main problem is
how to implement it.
We have two clear ways for adding a proxy agent. One is with the
SSH_AUTH_SOCK supporting a list of sockets, but it won't be
dynamically. In other words, if I want to replace the spice-agent for
another one, it would, most likely, require a session restart and it's
not exactly good :-\
The other option would be extend the ssh-agent protocol to support a
few new operations (add/remove the proxy agent) and then we could just
do a ssh-add --proxy path/to/the/socket ...

I am really would prefer to go for the second approach, but I really
would like to hear, from you (ssh people), if it would be accepted and
if I can proceed with the implementation.

Best Regards,
--
Fabiano Fidêncio
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux