How do I find the client key?

Michael H. Warfield mhw at wittsend.com
Mon Jun 3 07:39:47 EST 2002


All,

	This may be a simple question, but I can't find the answer...

	The situation...

	Client "C" connects to server "S".

	On server "S" I can find the client IP (IPv6) address in the
SSH_CLIENT environment variable.  I also need the client public key.
On the client side, the public key ends up added to .ssh/known_hosts
but what happens on the server side?  I need to retrieve this key
to validate the entry of a host name against a table of hosts which
have previously contacted me (on possibly other IP addresses) so I
can reject requests for names from keys which have changed.  I'm
trying to deal with some dynamic address problems.

	I might deal with this through SSL (stunnel) and use certificates
instead of SSH, but thought that SSH would save me some app coding and
the clients would then already exist (I don't want to have to create
and distribute and support a custom client app on all platforms).

	A GROSS solution would be to "ssh" back to the client and abort
the connection after getting the key, but that's a butt-ugly hack
that won't work across firewalls and won't work with client-only
systems (Windows) and I figure there has got to be some better way.

	Anyone with some thoughts?

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



More information about the openssh-unix-dev mailing list