jadedtuna | 3 years ago

If SSH is already being used, can't one just create an SSH tunnel to forward the login?

GreyStache|3 years ago

Something akin to ssh agent-forwarding ("oauth-forwarding"?) is really needed. And it needs to be integrated similarly well to the support for jumphosts.

Haven't seen anything like this; I'll try to bring this up with the OpenSSH folks.

_flux|3 years ago

Curl can connect over Unix domain sockets and ssh can forward them; I feel this would be a decent way to forward authentication, as access control rules would apply to the sockets.
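The socket-based idea in the comment above, as an added example that is not part of the original post: a login callback receiver bound to a Unix domain socket whose file mode, rather than a shared TCP port, decides who can reach it. The `/callback` path, the `code` parameter, the socket file name and the sample value are hypothetical; ssh can forward such a socket with `-L local_socket:remote_socket` or `-R remote_socket:local_socket`.

```python
import os, socket, stat, tempfile, threading
from http.server import BaseHTTPRequestHandler
from socketserver import UnixStreamServer
from urllib.parse import parse_qs, urlparse

class CallbackHandler(BaseHTTPRequestHandler):
    """Accepts one login callback and stores its (hypothetical) `code` parameter."""
    def do_GET(self):
        query = parse_qs(urlparse(self.path).query)
        self.server.code = query.get("code", [None])[0]
        body = b"login received\n"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the query string out of stderr logs
        pass

def start_receiver():
    """Bind the receiver to a socket that only the owning user can reach."""
    sock_dir = tempfile.mkdtemp(prefix="oauth-")  # mkdtemp creates it mode 0700
    path = os.path.join(sock_dir, "callback.sock")
    old_umask = os.umask(0o177)  # socket file is created with mode 0600
    try:
        server = UnixStreamServer(path, CallbackHandler)
    finally:
        os.umask(old_umask)
    server.code = None
    threading.Thread(target=server.handle_request, daemon=True).start()
    return server, path

def send_callback(path, code):
    """Sends what `curl --unix-socket PATH 'http://localhost/callback?code=...'` would."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
        client.connect(path)
        client.sendall(f"GET /callback?code={code} HTTP/1.0\r\n\r\n".encode())
        response = b""
        while chunk := client.recv(4096):
            response += chunk
    return response

if __name__ == "__main__":
    server, path = start_receiver()
    print(oct(stat.S_IMODE(os.stat(path).st_mode)), path)
    print(send_callback(path, "constructed-code-123").decode())  # constructed value
    print("code stored by receiver:", server.code)
    server.server_close()
```

When ssh creates the forwarded socket itself, its `StreamLocalBindMask` option (default 0177) gives that socket the same owner-only mode.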

dgoldstein0|3 years ago

Possibly redirect to localhost:<port> where the port is one forwarded over ssh could do the trick?

theamk|3 years ago

My SSH usage has multiple servers (staging, dev, etc.) and multiple clients (laptop, desktop). Some of those connections are going through jumphosts.

Setting up an SSH tunnel would be possible, but a major pain, as every source/dest combination will need to have its own port, and every sign-in should specify the port number.

Compared to the current system, which prints a URL in the terminal which I just need to click, it would be a major usability regression.

est|3 years ago

Some logins require identity and access management (IAM) with a web interface only; if such a gateway exists, a CLI tool would have to give the user a link to open themselves, I guess?

minitoar|3 years ago

ssh -D ftw

chupasaurus|3 years ago

AllowTcpForwarding no ftl