Re: ProxyCommand that creates identity file

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 9 Nov 2017, John Maguire wrote:

> Thanks for the feedback. A couple of the goals for this project are that
> (a) it works for any use cases that utilize SSH (so Git, scp, rsync, etc.)
> -- meaning that configuration options are highly preferable to a wrapper,
> and (b) that this application supports Windows, MacOS, and Linux for
> tunneling (even if the SSH CA feature is unsupported on Windows).
> 
> Thanks for the link to go-daemon, I'll look a little closer, but I don't
> think this architecture will work.
> 
> Is there a reason that load_key_public must occur prior to
> ssh_exchange_identification? It strikes me that this would be a non-issue
> if the key were not loaded prior to the banners being exchanged. Though I
> do understand that this is a very atypical use-case for the ProxyCommand
> flag.

Doing it early allows reporting problems prior to attempting to establishing
a connection.

Could you implement your tooling as an agent? Keys are loaded from that
a little more asynchronously IIRC.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux