On Thu, 9 Nov 2017, John Maguire wrote: > Thanks for the feedback. A couple of the goals for this project are that > (a) it works for any use cases that utilize SSH (so Git, scp, rsync, etc.) > -- meaning that configuration options are highly preferable to a wrapper, > and (b) that this application supports Windows, MacOS, and Linux for > tunneling (even if the SSH CA feature is unsupported on Windows). > > Thanks for the link to go-daemon, I'll look a little closer, but I don't > think this architecture will work. > > Is there a reason that load_key_public must occur prior to > ssh_exchange_identification? It strikes me that this would be a non-issue > if the key were not loaded prior to the banners being exchanged. Though I > do understand that this is a very atypical use-case for the ProxyCommand > flag. Doing it early allows reporting problems prior to attempting to establishing a connection. Could you implement your tooling as an agent? Keys are loaded from that a little more asynchronously IIRC. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev