IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Interop lsh and SSH-2.0-GitLab-SSHD



Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:

>> See what happens when you just perform the auth in one step rather
>> than feeding things in in bits and pieces over multiple messages.
>
> As I think I said upthread, I don't think moussh is capable of that,
> but I'm not sure it matters - see my upthread message.

As I said in the first message in this thread, in my login attempt, I
did include the signature right away, in the first USERAUTH_REQUEST.

(And I consider handling of private keys a long-standing user interface
bug in lsh: I store private keys encrypted with a passphrase, and if the
file ~/.lsh/identity exists, I ask the user for the passphrase upfront
(even before connecting to the remote server). And then the user will
have to know if the key is likely to be useful, and type the passphrase,
or just press enter. An empty passphhrase makes decryption fail, and
then lsh continues without attempting pubkey user auth at all. It would
be more user-friendly to only ask for passphrase if the key is likely to
be useful).

Regards,
/Niels

-- 
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.



Home | Main Index | Thread Index | Old Index