mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@gmail.com>
Subject [sshd] Agent forwarding
Date Thu, 10 Dec 2009 15:52:40 GMT
I've had a first tab at supporting SSH agent forwarding.  I've just
committed my work so far.
I've done some simple tests using openssh and i've been able to use
the sshd agent and client to connect to an openssh server and then to
another one using the agent.
So far so good.

I think we need to use unix socket for better compatibility with
openssh client on unix platforms (this would require having support
for unix sockets in mina with
http://issues.apache.org/jira/browse/DIRMINA-705), else use the vm
mina protocol instead.  The problem is that I used a tcp/ip socket
bound to localhost, but this means the agent (hence the private keys
stored in it) is available to any process runnning on the same
machine, so it's really unsecured.

Anyway, just wanted to give some information on what I was working on...

-- 
Cheers,
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
Open Source SOA
http://fusesource.com

Mime
View raw message