2011/11/4 Christopher Faylor > On Thu, Nov 03, 2011 at 09:52:20AM -0400, Andrew Schulman wrote: >>> I'd like to package and maintain win-ssh-agent for Cygwin. >>> With the win-ssh-agent, we can use the ssh-agent (available inthe >>> cygwin openssh) in the more smart way. >>> Normally, we need to start all relevant programs, which mightneed to >>> use the ssh, as child processes of the shell(e.g. bash) in which you >>> eval'ed the ssh-agent. ?Because, theprograms must be able to refer to >>> environment variables thatset by the ssh-agent. >>> The win-ssh-agent enables all programs to refer to theenvironment >>> variables of the ssh-agent, i.e. theSSH_AUTH_SOCK. ?Now, we no longer >>> need to start programs aschild processes of the shell. >> >>+1 Sounds useful. > > I don't agree. ?I don't see why this couldn't be accomplished using > standard UNIX tools
The win-ssh-agent is for applications that uses the cygwin openssh internally and are executed from the Explorer (i.e. via the ShellExecute() API). The keychain in the distribution cannot propagate SSH_AUTH_SOCK to them. Example: Consider the ntemacs ( http://ftp.gnu.org/pub/gnu/emacs/windows/ ) . (1) I want to use it because the cygwin emacs does not have its own windows. The cygwin emacs works only in the terminal. (2) I want to run it from the start menu or the Windows 7's task bar (not from the cygwin bash shell). It is the window's style to run applications. (3) I want to use the tramp ( http://www.gnu.org/s/tramp/ ) in the ntemacs. With it, I can treat documents on the remote machine as if they are on the local machine by: C-x C-f /sshx:username<at>hostname:~/remote-file But with the keychain, the ntemacs becomes silent because the ssh (executed by the tramp) cannot know the SSH_AUTH_SOCK and it asks me about the passphrase in the hidden console. With the win-ssh-agent, the ntemacs knows the SSH_AUTH_SOCK, so the tramp works as expected. > and it seems like it might even be a potential > security hole. ?I don't see the need to have this package in the > distribution. > > cgf The win-ssh-agent set the SSH_AUTH_SOCK and some enviroments to the user's registory (HKEY_CURRENT_USER\Environment\*), not to the system registory. -- Nayuta Taga
