[RFE] Multiple ssh-agent support
Peter Stuge
peter at stuge.se
Sat Sep 19 10:57:00 AEST 2015
Fabiano Fidêncio wrote:
> > One obvious approach is to create a proxy agent which looks like an
> > agent to all clients, but which also integrates with SPICE.
>
> This is a good solution, probably the best one. The main problem is
> how to implement it.
> We have two clear ways for adding a proxy agent.
The proxy agent is not "added" but would run "in front of" the
original local agent. In addition to simply proxying from clients to
the original local agent, the proxy agent would be capable of
communicating across SPICE.
> One is with the SSH_AUTH_SOCK supporting a list of sockets,
SSH_AUTH_SOCK could be dynamically changed to point to the proxy agent.
> The other option would be extend the ssh-agent protocol to support a
> few new operations (add/remove the proxy agent) and then we could just
> do a ssh-add --proxy path/to/the/socket ...
This seems unneccessary - just put the proxy agent in front of the
original one.
//Peter
More information about the openssh-unix-dev
mailing list