martin> 2009/9/3 Alexander Belchenko <email address hidden>:
>>> I will also mention that there is a way to get ssh to use an external
>>> program to ask for passwords or passphrases, and we could try to hook
>>> into that. Whether it will give us such nice integration, and whether
>>> it's worth writing that code for both paramiko and openssh is
>>> questionable.
>>
>> So we have stalemate situation. And this is frustrating. :-/
martin> No, I don't think it's a stalemate at all, it's just not quite trivial:
martin> We can pursue either or both of two courses:
martin> 1- Encouraging use of paramiko on unix; a good first step would be to
martin> ask unix-based devs to try it. This may be easier if there was a
martin> config option as well as a variable. We can just ask on the list. In
martin> fact I'll just try it now!
martin> 2- Hooking into openssh so it calls back to our uifactory to get the
martin> password and other things.
3 - Have platform/distribution specific policies. We should try to
*avoid* resorting to such extremes (because of the associated
costs in test, code and documentation), but we shouldn't rule
that out either.
>>>>> "martin" == Martin Pool writes:
martin> 2009/9/3 Alexander Belchenko <email address hidden>:
>>> I will also mention that there is a way to get ssh to use an external
>>> program to ask for passwords or passphrases, and we could try to hook
>>> into that. Whether it will give us such nice integration, and whether
>>> it's worth writing that code for both paramiko and openssh is
>>> questionable.
>>
>> So we have stalemate situation. And this is frustrating. :-/
martin> No, I don't think it's a stalemate at all, it's just not quite trivial:
martin> We can pursue either or both of two courses:
martin> 1- Encouraging use of paramiko on unix; a good first step would be to
martin> ask unix-based devs to try it. This may be easier if there was a
martin> config option as well as a variable. We can just ask on the list. In
martin> fact I'll just try it now!
martin> 2- Hooking into openssh so it calls back to our uifactory to get the
martin> password and other things.
3 - Have platform/ distribution specific policies. We should try to
*avoid* resorting to such extremes (because of the associated
costs in test, code and documentation), but we shouldn't rule
that out either.