Connection caching?
Ben Lindstrom
mouring at etoh.eviladmin.org
Sat May 8 11:57:04 EST 2004
On Sat, 8 May 2004, Darren Tucker wrote:
> David Woodhouse wrote:
> > On Tue, 2004-05-04 at 14:36 +1000, Darren Tucker wrote:
>
> >>I looked at it in conjunction with bug #701 (which is the
> >>"PermitRootLogin without-password" thing). It occurred to me that a
> >>more general mechanism could be a better solution for both. As usual, I
> >>got sidetracked.
> >
> >
> > More general would be good... what I need from it would be
> > "First s/key, then either of password or pubkey"
>
> I've been thinking about something like:
>
> AuthenticationsForUser user authenticationlist [source pattern-list]
>
> where authenticationlist is a comma-separated list in which you could
> require multiple authentication with a "+".
>
> For example, to require password and public-key, it would be:
>
> AuthenticationsForUser joe password+public-key
>
Just keep in mind everytime this has come up. Markus has commented that
the code was too complex. So just keep that in mind if you actually start
playing.
- Ben
More information about the openssh-unix-dev
mailing list