Proposal: always handle keys in separate process

Ángel González keisial at gmail.com
Wed Jan 20 10:54:32 AEDT 2016


On 18/01/16 17:11, Aris Adamantiadis wrote:
> Implicit identities could be removed from the default configuration,
> too. Most users already have an agent and aren't aware it exists, and
> having to type the passphrase every time encourages users to have
> unencrypted keys.
>
> Aris

+1

While they may be handy if you have a single key, once you start using
several keys, they mainly just get on the way.

It can't be simply removed though, as that could make some ssh clients
to stop working. I would make sure the same behavior can be achieved
with IdentityFile (it may need to be tweaked so you add keys
at the end), and then remove the native support, moving it to the config 
file.



More information about the openssh-unix-dev mailing list