Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)

To: Wes Hardaker <wjhns1 at hardakers.net>
Subject: Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
From: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
Date: Mon, 14 Jul 2008 12:19:33 +0200
Cc: isms at ietf.org
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <sd7ic23ome.fsf@wes.hardakers.net>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Mail-followup-to: Wes Hardaker <wjhns1 at hardakers.net>, isms at ietf.org
References: <sd7ic23ome.fsf@wes.hardakers.net>
Reply-to: j.schoenwaelder at jacobs-university.de
Sender: isms-bounces at ietf.org
User-agent: Mutt/1.5.18 (2008-05-17)

On Thu, Jul 03, 2008 at 09:43:05AM -0700, Wes Hardaker wrote:
 
> Second, SSH has a fairly common usage that allows one user on one host to
> connect as a different user on the remote host.  Right now in the SSHSM
> solution it's not possible to use a different remote user than the one
> specified locally even though this is common usage within SSH users
> today.
> 
> To fix this, I'd like to suggest another *optional* portion on the front
> of the string that allows specifying the SSH user name to be used.
> Specifically, the "@" sign (ASCII 0x40) in the address string would be a
> delimiter to indicate that the beginning portion is a user name.  The @
> symbol don't exist legally in the existing specification so it shouldn't
> conflict with the existing structure and is easy to quickly look for and
> parse out.  (and it is already common usage within at least some SSH
> implementations).

Our implementation actually support this on the command line:

  snmpwalk -u schoenw ssh:schoenw at host.example.com:1234 ifTable

[I would prefer to get rid of the '-u schoenw' part but NET-SNMP
 5.3.0.1 seems to insist on having the -u option for v3; I guess we
 have to dig deeper.]

We currently don't implement any MIB objects but it seems straight
forward and operationally useful to support the 'user@' part. So I am
kind of in favour of this proposal.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

Follow-Ups:
- Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
  - From: Wes Hardaker
- Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
  - From: David Harrington

References:
- [Isms] Proposed SSH Transport Address Changes (and a quick nit)
  - From: Wes Hardaker

Prev by Date: [Isms] dublin meeting agenda
Next by Date: Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
Previous by thread: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
Next by thread: Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)
Index(es):
- Date
- Thread

Re: [Isms] Proposed SSH Transport Address Changes (and a quick nit)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.