[RFE] Multiple ssh-agent support

Ángel González keisial at gmail.com
Sat Sep 19 06:58:44 AEST 2015


On 18/09/15 15:47, Fabiano Fidêncio wrote:
> Howdy!
>
> I've been working on a prototype that allows to do ssh-agent forward
> between a guest, using SPICE, and a spice client
> (remote-viewer/virt-viewer/spicy)
> The whole idea is to have something similar to "ssh -A guest", but
> integrated with the desktop environment.
>
> As a proof of concept I wrote a standalone ssh-agent that _unlink_ the
> current running agent in the guest machine and creates its socket in
> the same path used by the old agent.
unlinking the socket seems a bit overkill. You could play with
SSH_AUTH_SOCK



> A few possible solutions for this would involve a way to support more
> than one agent, talking to both (the local one and the spice one),
> merging then their responses and returning it to any application who
> sent the request. Note that would be really nice if we can limit it to
> do just some operations (like, ssh-add .ssh/id_rsa probably must not
> go to the spice agent).
>
I would make a proxy ssh agent that linearly attempts from each
child agent. The add operations would always go to the first agent
(unless it returned an error?).

I also like the idea of SSH_AUTH_SOCK containing a list of sockets.



More information about the openssh-unix-dev mailing list