[mosh-devel] ssh agent forwarding for mainline Mosh
john hood
cgull at glup.org
Wed May 25 11:23:13 EDT 2016
Hi all,
For a very long time, ssh agent forwarding has been the #1 feature
request for Mosh.
For a slightly less long time, Timo J. Rinne's ssh agent forwarding code
has been available on GitHub, the current merge is at
<https://github.com/rinne/mosh/compare/agent-forwarding-merge-20151128>.
We're about to release mosh 1.2.6. Agent forwarding will *not* be in
1.2.6. But after 1.2.6 comes 1.3, and then I think I would like to pull
that code into Mosh for that release.
So I'm writing this email to restart the discussion on agent forwarding.
Obviously, many people want it. But less obviously, it is a
significant change to Mosh's security story, and the user is trusting us
for their SSH authentication if they use this feature.
Also, though I think the code is generally good quality, I have some
specific concerns-- it seems possible that Mosh could block with a
particularly uncooperative agent or agent client, leaving the user with
a stuck terminal session.
How do people feel about doing agent forwarding in general, and this
code in particular? I'd like to see some consensus on the security
issues, and I'd like to hear other opinions on the code involved.
regards,
--jh
More information about the mosh-devel
mailing list