Informing the SSH agent of the target user at server
Peter Stuge
peter at stuge.se
Thu Mar 22 03:25:16 AEDT 2018
Hector Martin 'marcan' wrote:
> So right now we just have
>
> - SSH_AGENTC_REQUEST_IDENTITIES
>
> But the final ssh could do (1):
>
> - SSH_AGENTC_EXTENSION "remote-id at openssh.com" string("user at host")
> - SSH_AGENTC_REQUEST_IDENTITIES
I think this sounds fine.
> Or an intermediate forwarding ssh could insert a tag (2):
>
> - SSH_AGENTC_EXTENSION "forwarded-for at openssh.com" string("user2 at host2")
> - SSH_AGENTC_REQUEST_IDENTITIES
>
> (which would of course nest with multiple chained forwards, similar to
> SMTP Received headers)
Since forwarding ssh processes just forward agent socket bytes
without tracking the protocol state in that stream adding a packet
isn't trivial.
//Peter
More information about the openssh-unix-dev
mailing list