Connection caching?

[Jefferson Ogata]

Ben Lindstrom wrote:
> On Wed, 5 May 2004, Jefferson Ogata wrote:
>>No doubt the lazy user /would/ enable such a thing. The control needs to be on
>>the server side.
> 
> Praytell... If the /home is RO.. they don't have a ssh_config or it is
> predefined for them.. How is:
> 
> ssh -G somesite.com
> 
> or worse:
> 
> ssh '-o AllowMultipleChannels yes' somesite.com
> 
> is easier than just typing:
> 
> ssh somesite.com

It's not easier the first time, but it's easier for all the subsequent times 
where authentication gets bypassed. I'm confident you understand this, so why 
are you asking?

> Still my oritinal point stands from a few messages ago.. NOTHING stops
> this from happening now from a client other than ours.  Yet you don't
> seem to care about that fact... Only after we commented that "someday
> this would be a nice feature" did you start...

Obviously, I /do/ care about that fact -- that's why I've been explaining the 
issue with scenario after scenario so you can see why the control needs to be on 
the server side, and why it should have been there all along.

> If you want the feature.. Pony up the code so we have something physical
> to discuss and test against other SSH clients for breakage.  Until then I
> think we are going in circles.

If/when I have time. Or I might evaluate other versions of the server. Or maybe 
someone else with some spare time will understand why this is important and 
write a patch.

-- 
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>