Re: gnome-keyring spice ssh-agent forward
- From: Stef Walter <stefw gnome org>
- To: Fabiano Fidêncio <fabiano fidencio org>, gnome-keyring-list gnome org
- Subject: Re: gnome-keyring spice ssh-agent forward
- Date: Tue, 15 Sep 2015 16:34:35 +0200
On 10.09.2015 18:07, Fabiano Fidêncio wrote:
Howdy!
I've been working on a prototype that allows to do agent forward
between a guest, using SPICE, and a spice client
(remote-viewer/virt-viewer/spicy)
The whole idea is to have something similar to "ssh -A guest", but
integrated with the desktop environment.
As a proof of concept I wrote a standalone ssh-agent that _unlink_ the
current running agent in the guest machine and creates its socket in
the same path used by the old agent. It works as you can see in these
small demo videos:
https://fidencio.fedorapeople.org/ssh-agent-forward/
Now where the problem starts: doing this would break the desktop
integration with gnome-keyring (got as example gnome-keyring-daemon
--replace, that would overwrite my socket ...)
So, what would be the best approach to still have spice ssh-agent
working and do _not_ break gnome-keyring integration? How can it be
extended to others DEs (I really don't want a gnome specific solution
for this)?
For sure, what _must_ be implemented would be a way to talk to both
agents, the local one and the remote one, merging then the responses
and returning it to any application that talks to the agent. But how
to achieve this in a DE agnostic way?
Should we automatically disable the gnome-keyring-daemon agent if an
SSH_AUTH_SOCK is already set during startup?
Stef
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]