3.4p1 ssh-agent auth-retry patch available: was: Re: Updated ssh-agent authentication retry patch available

Jos Backus jos at catnook.com
Thu Aug 22 05:04:37 EST 2002

On Tue, Aug 20, 2002 at 11:57:48AM -0500, Kevin Currie wrote:
> 	Even with this patch it still doesn't scale to the extent that
> we'd like.

At least here the patch improves things to the point that we rarely see
failures anymore, whereas without it ssh is basically unusable _for this
particular type of application_ because it fails to authenticate too often.
For us this level of improvement is Good Enough.

> I routinely run commands on ~8-10K hosts and it takes too
> long to complete the runs.  We've hacked around this by writing some
> tools that launch 10 ssh-agents, and then command wrappers around
> ssh/scp/etc that randomly connect to one of the agents for authentication.
> By doing it this way, we are able to run hundreds of concurrent sessions 
> with
> out getting "permission denied" messages.


> 	It would be nice if this type of thing was not required in the
> future :-)

Jos Backus                       _/  _/_/_/      Sunnyvale, CA
                                _/  _/   _/
                               _/  _/_/_/
                          _/  _/  _/    _/
jos at catnook.com        _/_/   _/_/_/          require 'std/disclaimer'

More information about the openssh-unix-dev mailing list