client side options -- KeyRegenerationInterval
R P Herrold
herrold at owlriver.com
Sun Jul 8 05:05:58 EST 2001
I was tinkering with ssh_config (the client side)
configuration file ... and added:
KeyRegenerationInterval 540
>From a review of the man page, I had not seen the option, but
thought it might be present but undocumented.
Nope.
The thought would be that a given user may be more paranoid,
and call for a more frequent (or a non-thoughtful user a
longer) interval, in their local .config
-- or as another reason for this approach, set it shorter to
act as another form of a 'keep-alive' with the timeout
duration under user control -=- (This latter is my actual goal
-- the re-exchange of keys will constitute traffic, and would
[should?] keep a given NATting session alive through gateway
firewall's [not under my control] too short timeouts.)
It looks as though a patch to readconf.c, an alarm loop test
as in sshd.c, and an option eater in sshconnect.c, along with
a man page addition would be neded, but are reasonably
straightforward.
But it does increase the 'complexity' of the client. ...
Thoughts?
-- Russ Herrold
More information about the openssh-unix-dev
mailing list