ssh could have a grace period a la sudo

Alan Barrett apb at cequrux.com
Mon Aug 31 01:11:07 EST 2009


On Sun, 30 Aug 2009, Darren Tucker wrote:
> Dave Yost wrote:
> >It would be nice to be able to configure sshd so that the
> >following would work:
> >
> >After a successful password-authenticated connection from client
> >user x on client host y, subsequent connections from client user x
> >on client host y within a (resetting) time limit would succeed
> >without re-authenticating via password.
> 
> There's already the capability for doing the first part of this in
> the client, where an existing connection can be reused without
> reauthentication.  See ControlMaster and ControlPath in
> ssh_config(5).

There are also patches floating around for a ControlPersist option,
which is intended to automatically keep the ControlMaster running
in the background for a configurable time.

--apb (Alan Barrett)


More information about the openssh-unix-dev mailing list