Opened 2 years ago
Last modified 6 months ago
#2303 assigned enhancement
Support SSH agent forwarding
| Reported by: | erikjensen | Owned by: | Antoine Martin |
|---|---|---|---|
| Priority: | minor | Milestone: | future |
| Component: | server | Version: | 2.5.x |
| Keywords: | Cc: |
Description
I use a hardware token for SSH access. It would be great if Xpra could forward requests to the SSH agent on the client.
This would probably involve creating a socket and setting SSH_AUTH_SOCK in the Xpra session (only if the feature is turned on), and then forwarding connections to the socket to the client, which would in turn forward them to whatever SSH_AUTH_SOCK was set to, locally.
Attachments (1)
Change History (5)
comment:1 Changed 2 years ago by
| Status: | new → assigned |
|---|
comment:2 Changed 2 years ago by
paramiko rocks, adding agent forwarding support is as simple as adding adding AgentRequestHandler(session).
This be an option, off by default, but we should honour ssh-config.
Do we want to overload the ssh=paramiko command line option for that? Maybe add a -A / -a switch to it, just like openssh?
comment:3 Changed 2 years ago by
| Milestone: | 3.0 → future |
|---|
According to the documentation, the code in the patch above should do the job but I can't see anything in the environment that would tell applications about the forwarded agent. (no SSH_AUTH_SOCK)
So I'm out of ideas.
comment:4 Changed 6 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2303
copyleft 2010 - 2021
Can be added using paramiko agent.
@erikjensen: in the meantime, you can use
--ssh=sshto switch back to the openssh backend which supports agent forwarding by default.