ssh-agent clustering

Jan de Haan jdehaan at zwartkasteel.nl
Tue Nov 25 07:46:02 EST 2008


Hi Garry,
I did something with about the same functionality once, by starting the
ssh-agent on the central system at boot time with the user's credentials
and loading the passphraseless key automatically from a directory that the
user couldn't read.
The only thing you need to do is dump the agent's environment variables when
it starts and source them when the user actually logs in.

Sincerely,

Jan de Haan.

On Mon, Nov 24, 2008 at 7:02 PM, Garry Boyce <garry.boyce at eds.com> wrote:

> Hi.. I've looked through all the documentation and searched numerous
> websites and I can't find any viable current way to cluster ssh-agents.
>
> The functionality gap I see is to allow a situation where 2 ssh-agents are
> running on 2 different trusted machines. If one of those machines goes down
> passwordless logins should be allowed to continue through the backup
> ssh-agent. And when the machine comes back up the newly restarted agent
> should be able to resync with the backup agent. This way 2 machines would
> have to go down before passwords would have to be re-entered.
>
> I'm wondering about the implications of this kind of functionality and wondering
> if this were to be implemented would it be something the development team
> would be apt to consider for inclusion.
>
> Thanks,
> Garry
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
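The dump-and-source step from the reply above, as an added example that is not part of the original thread: sourcing the dump executes whatever the file contains, so the login side here checks the file's owner and mode and parses the two variables out of the "ssh-agent -s" output instead. Function names and file paths are hypothetical, and the boot-time function is assumed to run as the user.

```shell
#!/bin/sh
# Added example; function names and file paths are hypothetical.

# Boot side: start the agent, record its environment, load the key.
start_agent() {            # start_agent ENV_FILE KEY_FILE
    ( umask 077; ssh-agent -s > "$1" ) || return 1
    load_agent_env "$1" || return 1
    ssh-add "$2"
}

# Login side: read the two variables out of the dump without executing it.
load_agent_env() {         # load_agent_env ENV_FILE
    f=$1
    # Regular file, owned by root or by us, not writable by group or other.
    ok=$(find "$f" -prune -type f \( -user 0 -o -user "$(id -u)" \) \
              ! -perm -020 ! -perm -002 2>/dev/null)
    [ -n "$ok" ] || { echo "refusing $f: bad owner or mode" >&2; return 1; }

    # Accept only the exact line shapes that "ssh-agent -s" prints.
    sock=$(sed -n 's|^SSH_AUTH_SOCK=\([A-Za-z0-9_./-]*\); export SSH_AUTH_SOCK;$|\1|p' "$f" | head -n 1)
    pid=$(sed -n 's|^SSH_AGENT_PID=\([0-9][0-9]*\); export SSH_AGENT_PID;$|\1|p' "$f" | head -n 1)
    [ -n "$sock" ] && [ -n "$pid" ] || { echo "refusing $f: unexpected content" >&2; return 1; }

    SSH_AUTH_SOCK=$sock SSH_AGENT_PID=$pid
    export SSH_AUTH_SOCK SSH_AGENT_PID
}

# ssh-add -l exits 2 when it cannot contact the agent (stale dump after a crash).
agent_alive() {
    ssh-add -l >/dev/null 2>&1
    rc=$?
    [ "$rc" -eq 0 ] || [ "$rc" -eq 1 ]
}
```

In a login profile this would be called as load_agent_env followed by agent_alive, falling back to a normal passphrase prompt when either fails.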

