Brian May wrote:
I came in late, but enhancing ssh-agent would be a good thing IMHO.
Whatever happens, I really like the model of ssh-agent - if an
attacker gets access to the ssh-agent socket, they cannot use this to
get access to the private key or password - so the damage is limited
to the duration they have access to the socket.
Yes, I also like this model a lot - to my mind the only good options are
using ssh-agent or replacing it. Both have their advantages. It's my
belief that a more capable replacement for ssh-agent is desperately
needed, but I'm trying not to foist mission creep onto Monotone where I
can help it - I worry about those ninjas :-)
--
__
\/ o\ Paul Crowley, [EMAIL PROTECTED]
/\__/ http://www.ciphergoth.org/
_______________________________________________
Monotone-devel mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/monotone-devel
