OpenSSH 6.2 released

Posted Apr 3, 2013 4:47 UTC (Wed) by sitaram (subscriber, #5959)
In reply to: OpenSSH 6.2 released by gebi
Parent article: OpenSSH 6.2 released

It would be even more awesome if it would add the fingerprint of the incoming public key, along with the username, when calling the external program.

I admit the use case is very narrow though; I'm speaking as the author of gitolite, where it's not uncommon to see a few hundred or more pubkeys in one authorized_keys file. The external program could help to cut down the time taken to do the linear scan that sshd currently seems to do when presented with a key.

(And I checked the protocol; http://tools.ietf.org/html/rfc4252#section-7 appears to indicate that some information about the key being offered (it's called "public key blob" in the RFC) *does* go to the ssh server from the ssh client before any authN happens.)


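The lookup the comment describes, as an added example that is not part of the original comment and is not gitolite or OpenSSH code: the external program indexes the authorized_keys entries by the fingerprint of their public key blob once, then resolves an offered blob with one dictionary lookup instead of a linear scan. It assumes the offered blob (or its fingerprint) is available to the program; the function names, the SHA-256 fingerprint form and the sample entries are assumptions made for this sketch, and the keys are constructed, not real.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def blob_algorithm(blob: bytes) -> str:
    """A public key blob starts with its algorithm name as an RFC 4251 string."""
    if len(blob) < 4:
        raise ValueError("short blob")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad algorithm length")
    return blob[4:4 + n].decode("ascii")

def fingerprint(blob: bytes) -> str:
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def key_blob_of(line: str):
    """Find '<type> <base64>' in an entry; options such as command= may precede it."""
    tokens = line.split()
    for ktype, b64 in zip(tokens, tokens[1:]):
        try:
            blob = base64.b64decode(b64, validate=True)
            if blob_algorithm(blob) == ktype:
                return blob
        except ValueError:  # not base64, or not a well-formed blob
            continue
    return None

def build_index(lines):
    index = {}
    for line in lines:
        line = line.strip()
        blob = None if line.startswith("#") else key_blob_of(line)
        if blob is not None:
            # Keep the first entry for a key, as a top-down scan would.
            index.setdefault(fingerprint(blob), (blob, line))
    return index

def lookup(index, offered_blob: bytes):
    hit = index.get(fingerprint(offered_blob))
    # Compare the full blob too, so the result never rests on the hash alone.
    return hit[1] if hit and hit[0] == offered_blob else None

def constructed_entry(user: str):
    """Constructed sample entry; the 'key' is filler bytes, not a real key."""
    filler = b"\x00" + hashlib.sha512(user.encode()).digest()
    blob = ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(filler)
    b64 = base64.b64encode(blob).decode()
    return blob, f'command="/opt/example/gitolite-shell {user}",no-pty ssh-rsa {b64} {user}@example'
```

Whatever entry the lookup returns is still only a candidate: sshd checks the client's signature against that key before authentication succeeds.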

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds