sshfs-win-manager
sshfs-win-manager copied to clipboard
evsar3
[Feature request] Integrating with SSH key agent
Integration with an SSH key agent (Putty's or another one) would allow for more secure keyfile handling. The agent could take care of handling the password protection.
Worth noting that there's an OpenSSH Authentication Agent service included in Windows 10, though it is disabled by default. But it's simple to enable and start it in the Services app, and it's guaranteed to be there in every Win10 installation. So if you add code to integrate with a key agent, please make sure the built-in Win10 OpenSSH agent is one of the ones you integrate with.
Built-in Windows 10 SSH Agent uses a named pipe for communication instead of a socket as seen in Unix. I wasn't able to find any node package that implementa such communication method. In order to make this work I guess I will have to write my own client, and this will be a hard work, since I need to study the protocol and implement in JavaScript. I will also look up for other key management programs and see if they provide a better API.
i recently started to look into it, no promises though - i also do not want to interfere with any plans that @evsar3 might have
I am very sorry. While i thought it would be possible, it turns out that i oversaw an issue and i cant solve this right now. I will keep looking for a solution though.
I hope i can find a solution while digging through https://github.com/ymnk/jsch-agent-proxy/blob/master/jsch-agent-proxy-pageant/src/main/java/com/jcraft/jsch/agentproxy/connector/PageantConnector.java . If anyone has a hint, i would be thankful for a little pointer in the right direction.
Built-in Windows 10 SSH Agent uses a named pipe for communication instead of a socket as seen in Unix. I wasn't able to find any node package that implementa such communication method.
https://stackoverflow.com/a/32172145 shows an example of using Windows named pipes: basically, you would use net.connect("\\\\.\\pipe\\INSERT_PIPE_NAME_HERE") if that example is correct. (The pipe is \\.\pipe\INSERT_PIPE_NAME_HERE but the backslashes have to be backslash-escaped, of course). I haven't tested this myself, but it looks like it's possible.
Oh yes, all my stuff uses my key loaded in Pageant. Windows Git client, WSL distros, PuTTY itself.... it'd be silly to save my passphrase in each and every SSH-related tool separately...
Oh yes, all my stuff uses my key loaded in Pageant. Windows Git client, WSL distros, PuTTY itself.... it'd be silly to save my passphrase in each and every SSH-related tool separately...
~~SSHFS-WIN has no support for the MS port of OpenSSH server and client, its using cygwin ports. Same with putty, pageant. Thats why they can share that ssh-agent.exe.~~
~~Git, GNUPG and WSL2 (AF_UNIX proxy) has support for the MS port. Thats why they can share that other ssh-agent.exe.~~
~~Its not silly that you have to type your passhprase for each ssh-agent..?~~
~~SSHFS-WIN doesnt even support the MS port so its expected that the manager for SSHFS-WIN doesnt either. Just use the cygwin agent for it all as all those clients you mention support it ?~~
Edit: --
Yes, there’s no support atm, that’s precisely why this ticket exists. Thanks for your invaluable contribution to the topic.
Yes, there’s no support atm, that’s precisely why this ticket exists. Thanks for your invaluable contribution to the topic
https://github.com/ansible/ansible/pull/77277#issuecomment-1072516081