DavidCox1979 / connectbot

Automatically exported from code.google.com/p/connectbot
Apache License 2.0
0 stars 0 forks source link

Authentication agent forwarding #70

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Add OpenSSH style authentication agent forwarding if an option is enabled
for the host we're connecting to.

There are two different and incompatible authentication agent forwarding
protocols in SSH, but only the OpenSSH-style forwarding is free. We'll use
that.

Sample implementations are abound:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/channels.c
http://github.com/jamis/net-ssh/tree/cdcb65ac9ed69be4ecaeed54326b927c99e2075e/li
b/net/ssh/service/forward.rb

Original issue reported on code.google.com by kenny@the-b.org on 3 Nov 2008 at 5:00

GoogleCodeExporter commented 8 years ago
normally ssh-agent forwarding is setup client side.  with openssh it is done by
passing -A to your openssh call.  i.e ssh -A host.example.com maybe a checkbox 
to
turn it on or off somewhere.

Original comment by dennis.g...@gmail.com on 3 Nov 2008 at 5:18

GoogleCodeExporter commented 8 years ago
Agent client, -A is "agent forwarding" from the point you connected. 

I will be very excited to see agent support in the client!

Original comment by cji...@gmail.com on 20 Nov 2008 at 11:03

GoogleCodeExporter commented 8 years ago
I'd also greatly appreciate this feature. Please let me know when you are 
palnning to implement it.

Original comment by herg...@gmail.com on 1 May 2009 at 10:04

GoogleCodeExporter commented 8 years ago
I'm almost done with this; I just need to pull it through to the GUI to make it 
a
checkbox preference for each host.

Original comment by kenny@the-b.org on 25 Jun 2009 at 8:26

GoogleCodeExporter commented 8 years ago
Rough version is in r331. Small code changes to come, but no user-visible 
changes.

Original comment by kenny@the-b.org on 25 Jun 2009 at 10:47

GoogleCodeExporter commented 8 years ago
So is this feature available in one of the current 
revisions? How do I enable it for a host?

Original comment by ja...@digitalcardboard.com on 11 Nov 2009 at 3:13

GoogleCodeExporter commented 8 years ago
Uhm, hasn't this been done for a while now? I think this ticket can be closed.

Original comment by tau...@gmail.com on 11 Nov 2009 at 3:20

GoogleCodeExporter commented 8 years ago
This issue is marked as done and closed, but I don't see the option in r409. Do 
I 
need to be running one of the unstables?

Original comment by ja...@digitalcardboard.com on 11 Nov 2009 at 3:25

GoogleCodeExporter commented 8 years ago
:/ I don't get it, how is this closed? It's not in the latest stable _or_ 
unstable
release.

Original comment by afrazk...@gmail.com on 1 Dec 2009 at 3:22

GoogleCodeExporter commented 8 years ago
You have to edit each host you want to enable it on. A malicious server could 
cause a
bit of damage if it was turned on by default. Please use the mailing lists for
discussion, though.

Original comment by kru...@gmail.com on 2 Dec 2009 at 3:51