Patch to abstract key sources

Rob Holland rob at
Wed May 17 17:14:51 EST 2006


Attached is a patch to allow multiple files and/or pipes to be read when 
searching for keys.

The patch centralises the file reading code into one place, rather than 
repeating it amongst several files as it was previously.

It also allows reading keys from a pipe as well as files. This 
functionality is not used in the current patch.

The eventual goal is to make custom key sources, such as searching LDAP 
or a database, easier to write and maintain. Currently things such as 
the openssh-lpk patch are quite invasive and must track upstream openssh 
carefully with each release. If we allow reading of keys from a pipe, 
the abstraction allows the two things to remain seperate.

Please let me know your thoughts on the patch and/or the idea in general.


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: openssh-keysource.patch

More information about the openssh-unix-dev mailing list