Patch to add "warn" value to ForwardX11 and ForwardAgent

Dan Astoorian djast at cs.toronto.edu
Wed Oct 31 03:53:54 EST 2001


On Tue, 30 Oct 2001 11:20:53 EST, Dave Dykstra writes:
> > Circa 2001-Oct-30 12:03:29 +1100 dixit Damien Miller:
> > 
> > : What would be nicer is some way for the client to get the user to accept
> > : / reject each forwarding request.
> 
> I considered that, and maybe it should still be an option, but it has some
> problems:
>     1. A forward request can come at any time and it could be very awkward
> 	to prompt in the middle of something that the user is typing into
> 	such as an editor.  A pop-up window is a possibility but I think
> 	that's over-engineering.

Just thinking out loud:

If the feature were to be introduced, perhaps one reasonable way to
design the UI might be for the connection attempt to produce a warning
advising the user to type a newline and a tilde-escape to accept or
reject the connection.  E.g.: introduce the escapes ~+ to accept the
connection, and ~- to reject it; and while we're at it, there should be
a way to redisplay the pending connection(s); perhaps ~# could list
these in addition to established ones.

This, of course, presupposes that a pty has been assigned--but if no pty
has been assigned (or quiet mode is in effect), any sort of prompting is
going to be a problem anyway.

Would such functionality be useful for general port forwardings as well
as X11 and authentication agent forwardings?

-- 
Dan Astoorian               People shouldn't think that it's better to have
Sysadmin, CSLab             loved and lost than never loved at all.  It's
djast at cs.toronto.edu        not, it's better to have loved and won.  All
www.cs.toronto.edu/~djast/  the other options really suck.    --Dan Redican



More information about the openssh-unix-dev mailing list