bzr+ssh using persistent SSH connections?

[Nicholas Allen]

>
> One observation - you say "Bazaar does not need to do anything", but if
> bazaar does nothing then the user has to!

But even with an agent the user has to do something - they have to add the key 
to the ssh-agent for caching (unless he makes a key which I would not 
recommend). Most likely he will have to also make sure the agent is running to 
and that he has a public/private key and that the server has the public key as 
an authorized key.

So using a master connection the user has to do less I would say.

> Every time he does anything that needs access to the server he has to
> ensure that he has first started a master session. 

But he only needs to do this once (eg after login).

> Thus the onus is
> pushed onto the user and further I suspect (I'm not an expert) that
> users keeping long-lived ssh connections open consumes resources on the
> server.

I do not notice any significant resource consumption on my server.

>
> BTW we all use bzr+ssh here and since day one everyone has been
> instructed to add a key to the ~/.ssh/authorized_keys file.

Using master connection does not mean you can't also use public/private key 
pairs and the agent. You can use both together if you want. public/private key 
pair is better from a security point of view because the password is never 
sent over the connection. I actually use both in combination now. The 
advantage of the master connection is that it speeds up establishing a 
connection with the server because a new one does not need to be made for each 
command.

Nick

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20090310/119c2921/attachment.pgp