client side options -- KeyRegenerationInterval

R P Herrold herrold at owlriver.com
Sun Jul 8 05:05:58 EST 2001


I was tinkering with ssh_config (the client side)
configuration file ... and added:

KeyRegenerationInterval 540

>From a review of the man page, I had not seen the option, but
thought it might be present but undocumented.

Nope.

The thought would be that a given user may be more paranoid,
and call for a more frequent (or a non-thoughtful user a
longer) interval, in their local .config

-- or as another reason for this approach, set it shorter to
act as another form of a 'keep-alive' with the timeout
duration under user control -=- (This latter is my actual goal
-- the re-exchange of keys will constitute traffic, and would
[should?] keep a given NATting session alive through gateway
firewall's [not under my control] too short timeouts.)

It looks as though a patch to readconf.c, an alarm loop test
as in sshd.c, and an option eater in sshconnect.c, along with
a man page addition would be neded, but are reasonably
straightforward.

But it does increase the 'complexity' of the client. ...

Thoughts?

-- Russ Herrold




More information about the openssh-unix-dev mailing list