Re: [RFE] Multiple ssh-agent support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Fabiano Fidêncio wrote:
> > One obvious approach is to create a proxy agent which looks like an
> > agent to all clients, but which also integrates with SPICE.
> 
> This is a good solution, probably the best one. The main problem is
> how to implement it.
> We have two clear ways for adding a proxy agent.

The proxy agent is not "added" but would run "in front of" the
original local agent. In addition to simply proxying from clients to
the original local agent, the proxy agent would be capable of
communicating across SPICE.

> One is with the SSH_AUTH_SOCK supporting a list of sockets,

SSH_AUTH_SOCK could be dynamically changed to point to the proxy agent.


> The other option would be extend the ssh-agent protocol to support a
> few new operations (add/remove the proxy agent) and then we could just
> do a ssh-add --proxy path/to/the/socket ...

This seems unneccessary - just put the proxy agent in front of the
original one.


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux