ProxyCommand that creates identity file

Damien Miller djm at mindrot.org
Fri Nov 10 14:28:28 AEDT 2017


On Thu, 9 Nov 2017, John Maguire wrote:

> Thanks for the feedback. A couple of the goals for this project are that
> (a) it works for any use cases that utilize SSH (so Git, scp, rsync, etc.)
> -- meaning that configuration options are highly preferable to a wrapper,
> and (b) that this application supports Windows, MacOS, and Linux for
> tunneling (even if the SSH CA feature is unsupported on Windows).
> 
> Thanks for the link to go-daemon, I'll look a little closer, but I don't
> think this architecture will work.
> 
> Is there a reason that load_key_public must occur prior to
> ssh_exchange_identification? It strikes me that this would be a non-issue
> if the key were not loaded prior to the banners being exchanged. Though I
> do understand that this is a very atypical use-case for the ProxyCommand
> flag.

Doing it early allows reporting problems prior to attempting to establish
a connection.

Could you implement your tooling as an agent? Keys are loaded from that
a little more asynchronously IIRC.

-d


More information about the openssh-unix-dev mailing list