patch to send incoming key to AuthorizedKeysCommand via stdin
Iain Morgan
imorgan at nas.nasa.gov
Fri Jun 6 04:50:24 EST 2014
I should have read the actual security announcement rather than basing
my initial response on the git commit messages; the SSL/TLS MITM issue
makes this more critical.
--
Iain
On Tue, Jun 03, 2014 at 23:14:30 +0200, Lukas Fleischer wrote:
> On Tue, 03 Jun 2014 at 22:32:40, Scott Duckworth wrote:
> > On Tue, Jun 3, 2014 at 3:32 PM, Lukas Fleischer <info at cryptocrack.de> wrote:
> >
> > > I wonder if there is a way to obtain a textual representation of the key
> > > without writing it to a temporary file, though?
> > >
> >
> > Agreed, that would be better. If anybody knows how to do this please chime
> > in.
>
> If there isn't a function to do that already, you could factor out the
> code to build the textual representation and move it to a new function
> that writes the representation to a buffer (or returns it as a pointer
> to a newly allocated "string"). Then, key_write() would simply become a
> wrapper around that function.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Iain Morgan
More information about the openssh-unix-dev
mailing list