This is to make it possible for admins to enable password-less
auth at the expense of security.
In that situation:
Server <=> Wetty <=> Client
- Link between Wetty and the SSH Server is secured by SSH.
- Wetty knows a private key to connect to the SSH Server, using an SSH
User.
- Client only needs to know how to access Wetty to run commands
on the SSH Host.
- Client would not be able to retrieve the private key from Wetty to
login directly to the SSH Server.
This basically means that anything that reaches Wetty needs to be
trusted as it would be able to execute commands on the remote SSH server,
so admins should be really careful when using that feature.
Bertrand Roussel
Oleg Kurapov
butlerx
Strubbl
butlerx
Krishna Srinivas
Nathan LeClaire