JacobCallahan / Hussh

SSH for Humans
MIT License

[RFE] allow default identities to be attempted when private_key is null #20

Open erpadmin opened 1 month ago

erpadmin commented 1 month ago

Is your feature request related to a problem? Please describe.

ssh normally attempts keyauth with a default list ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa. Maybe that's only in the absence of an active SSH agent. I'm not sure about the behavior there, but I think it tries several (not all) from the agent as well be it the case.

Describe the solution you'd like

mimic lower level auth functionality

Side note: I think there would be issues with using "password=" parameter for both password auth and private key password in a scenario where multipart auth (password + keyauth is enabled)

JacobCallahan commented 1 month ago

@erpadmin can you tell me why you closed this?

erpadmin commented 1 month ago

my thoughts were it probably should be the functionality of the SSH2 crate rather than your module

JacobCallahan commented 1 month ago

@erpadmin interesting. If you create an issue there, can you link it here? If you don't get any traction with them, I have an idea about how to handle it in Hussh.

erpadmin commented 1 month ago

https://github.com/alexcrichton/ssh2-rs/issues/331

erpadmin commented 1 week ago

maintainer described it as a security risk to implement at the library level https://github.com/alexcrichton/ssh2-rs/issues/331#issuecomment-2457961276

erpadmin commented 1 week ago

draft.txt

I started taking a crack at Rust, and letting it slap me around a bit, but I have created a basic working model for default identity auth attempts and also added in defaulting to $OSUSER when username is not specified rather than root.

I haven't quite wrapped my head around Option<String>, &str, String, etc and bouncing between them. Things will probably get a little tricky when the agent is considered and it may be best that default identities are ignored when an agent is active.

Anyway, there's something to contrast against if you choose to explore this feature.
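An added sketch of the behaviour discussed in this thread, not code from draft.txt, Hussh or ssh2-rs: default identities are tried only when the caller opts in, no private_key was given and no agent is active, and key files with group/other permission bits are skipped, similar to OpenSSH's refusal of keys with too-open permissions. The function names, the opt_in flag and the use of SSH_AUTH_SOCK, HOME and USER as signals are assumptions of this example.

```rust
use std::env;
use std::fs;
use std::os::unix::fs::PermissionsExt;
use std::path::{Path, PathBuf};

// File names from the list quoted in the issue, tried in that order.
const DEFAULT_IDENTITIES: [&str; 4] = ["id_dsa", "id_ecdsa", "id_ed25519", "id_rsa"];

/// Hypothetical helper: an explicit username wins, otherwise fall back to the OS user.
fn resolve_username(explicit: Option<&str>, os_user: Option<String>) -> Option<String> {
    match explicit {
        Some(name) if !name.is_empty() => Some(name.to_string()),
        _ => os_user.filter(|u| !u.is_empty()),
    }
}

/// Hypothetical helper: key files to attempt, in order.
/// An explicit key is used as given; defaults need opt-in and no active agent.
fn identity_candidates(
    home: &Path,
    explicit_key: Option<&Path>,
    opt_in: bool,
    agent_active: bool,
) -> Vec<PathBuf> {
    if let Some(key) = explicit_key {
        return vec![key.to_path_buf()];
    }
    if !opt_in || agent_active {
        return Vec::new();
    }
    DEFAULT_IDENTITIES
        .iter()
        .map(|name| home.join(".ssh").join(name))
        .filter(|path| is_private_file(path))
        .collect()
}

/// Accept only existing regular files with no group/other permission bits set.
fn is_private_file(path: &Path) -> bool {
    match fs::metadata(path) {
        Ok(meta) => meta.is_file() && meta.permissions().mode() & 0o077 == 0,
        Err(_) => false,
    }
}

fn main() {
    let home = env::var("HOME").unwrap_or_else(|_| "/nonexistent".into());
    // Assumption: a set SSH_AUTH_SOCK is treated as "an agent is active".
    let agent_active = env::var_os("SSH_AUTH_SOCK").is_some();
    let user = resolve_username(None, env::var("USER").ok());
    let keys = identity_candidates(Path::new(&home), None, true, agent_active);
    println!("user={:?} candidates={:?}", user, keys);
}
```

Each returned path would then be offered to the server in turn by whatever key-auth call the caller already uses.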