[X2Go-Dev] Support for PuTTY private key files / built-in ssh-agent?

[Stefan Baur]

Am 16.05.2012 13:50, schrieb Moritz Struebe:
> On 2012-05-16 13:33, Stefan Baur wrote:
>> would it be possible to integrate support (1) for PuTTY-style ssh
>> private key files (*.ppk) into the X2Go client, or (2)

> Adding a feature to allow importing ppk by calling PuTTYgen might be
> reasonable.

Simply adding an import option will cause issues when users want to 
change the password - they will have to do it once in PuTTYgen for their 
PPK file, and once in X2Go client (or re-import the key).

I'd prefer it if X2Go client would be able to read such key files 
natively, without having to call PuTTYgen each time, or forcing an 
export/import action.


>> to run a ssh-agent (maybe from cygwin, or copied from PuTTY's
>> "pageant.exe") *within* the X2Go client, so other applications can
>> authenticate with the same key?

> IMO this is not a good idea. It adds functionality that is out of scope
> and adds additional cmplexity.

Assuming that a ssh-agent is available in cygwin, calling that in the 
background (so it doesn't show up as an extra icon) wouldn't introduce 
that much new code into the client.

>> [..] or run pageant.exe, PuTTY's ssh agent.

> This is probably the best solution as it provides a clean separation of
> concerns.

It's the safest from a security standpoint, but it's the worst from a 
usability standpoint, as it requires configuration in two different 
locations (a batch file loading pageant and the proper key, and the X2Go 
client configuration) and also needs two icons in the notification area 
- if a user terminates pageant.exe, X2Go Client will fail to work. 
Explaining why that is the case to a non-technical user will prompt a 
"Why isn't it all integrated into one application?  That's stupid! 
Duh!" kind of response.

-Stefan