mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel LŽcharny <elecha...@gmail.com>
Subject Re: [sshd] Agent forwarding
Date Thu, 10 Dec 2009 16:22:51 GMT
Guillaume Nodet a écrit :
> I've had a first tab at supporting SSH agent forwarding.  I've just
> committed my work so far.
> I've done some simple tests using openssh and i've been able to use
> the sshd agent and client to connect to an openssh server and then to
> another one using the agent.
> So far so good.
>
> I think we need to use unix socket for better compatibility with
> openssh client on unix platforms (this would require having support
> for unix sockets in mina with
> http://issues.apache.org/jira/browse/DIRMINA-705), else use the vm
> mina protocol instead.  The problem is that I used a tcp/ip socket
> bound to localhost, but this means the agent (hence the private keys
> stored in it) is available to any process runnning on the same
> machine, so it's really unsecured.
>
> Anyway, just wanted to give some information on what I was working on...
>   
Thanks !

I think we may have to clean many things in 3.0 in order to avoid 
confusion in this area.


Mime
View raw message