[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSH revised

From: Guy Bormann
Subject: Re: SSH revised
Date: Wed, 22 Mar 2006 08:32:48 +0100

On Tue, 2006-03-21 at 18:01 +0100, address@hidden wrote:
> I did not say where the user authentication happens.  We (Bas, Olaf
> and I) have developed some ideas to do the authentication not in
> system code, but in user code.  More on this another time (it's a
> separate discussion).  But in the case of SSH, it doesn't really
> matter.  Even if the authentication is done by the system, there is
> still some part of the SSH protocol that the system can not do for the
> user, for example executing a shell command.
Why would executing a shell command be a problem once you have a user
session? Nothing prevents the client from sending the command over the
SSH channel, accepting the potential output and closing the channel
automatically. In fact, if ssh doesn't do it like this already, the
server executing the command directly is a serious abberation we most
definitely don't have/want to mimick.
  In case a command cannot even be executed from the user session
interactively, there is no point in providing ssh functionality through
a separate protocol. Actually, it should be build into the terminal
facility from scratch as it should have been done originally (yes, I
know, there weren't that many machines back then blablabla...). You will
have to decide if you want to reinvent UNIX or if you want to invent
ingenious Hurd solutions? Breaking a protocol here or there might be a
(heavy) price you have to pay.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]