Thanks a lot for your feedback. David, I'm not suggesting to change openssh, and be suprised and upset when pacthes are not acccepted. That's not my style, I'm informing about the ability to make openssh work with udp (without any patches). I'm working on a project which offers automatic access to users to fileservices like smb,nfs and sftp using avahi for detection and fuse. And I wrote my own ssh and sftp clients. The simple public key auth works (serverkey in ~/.ssh/known_hosts and users public key in ~/.ssh/authorized_keys on server ) I'm testing openssh certificates and wanting to make it work with yubikey and nitrokey. I'm also very interested in making this work with centralized adiminstration. Some months ago there was an very interesting discussion about this, with usefull links. So UDP has some disadvantages cause it does not have the confirmation a package is received TCP has. Building something myself for the client is not a problem. But the server is another thing. It has to allow the client to open another connection over UDP. Extensions have to be used here for the client to discover the server supports it. A counter administration has to be used apart from the existing counter mechanism for the session over TCP. It looks a good idea to only use this "UDP channel" for bigger data like reading and writing files, not for every sftp command. I'm just thinking outloud, not suggesting anything. Stef Bon _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev