Connection caching?

Jefferson Ogata Jefferson.Ogata at noaa.gov
Tue May 4 10:04:52 EST 2004


Damien Miller wrote:
> Jefferson Ogata wrote:
>>Abuse of pubkey authentication is bad enough -- the scope of abuse of this kind 
>>of feature could get very ugly. Please, if someone decides to implement this, 
>>make sure it can be disabled on the server.
> 
> The server has had this ability since version 2.x. Our client support is
> what is missing.

My previous comment was poorly worded. I understand from other postings 
that the server has the capability for multiple sessions. I'm saying 
please provide a server option to disable that. Are you saying there 
exists such an option?

To be clear: while the openssh server may have supported this feature 
for a long time, adding the feature to the openssh client will make it 
much more likely to be used. I'm inclined to require authentication for 
every user each time a session is requested, and I wish to be able to 
set that requirement on the ssh server.

-- 
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>




More information about the openssh-unix-dev mailing list