Filtering which identities are forwarded by ssh-agent to a given host
Michael Ströder
michael at stroeder.com
Sun Feb 8 07:06:44 AEDT 2015
Damien Miller wrote:
> On Mon, 2 Feb 2015, ?ngel Gonz?lez wrote:
>
>> IMHO the way to go is not teach ssh the agent protocol, but modify the agent
>> protocol so that each request gets prepended the hostname requesting it
>> (forwarded connections would contain the full chain)
>
> Then you have to modify all of ssh, sshd and ssh-agent and doesn't
> work until they are all upgraded.
Disclaimer:
I don't consider myself to be an expert in this field.
I'm using ssh-add -c to be asked each time the key is requested.
At least it would be helpful if the hostname is displayed for which the key is
requested. Because sometimes things happen concurrently and one cannot decide
anymore for which action the dialogue pops up.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4252 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150207/d50d4014/attachment-0001.bin>
More information about the openssh-unix-dev
mailing list