alt Hacker NewsNot sure I follow. Is your main objection to it that it can obfuscate login activity since many systems track login/connection events at the sshd level and are oblivious to SSH multiplexing?
I personally find it extremely useful when working with servers more than 100ms or so away in many contexts, and even closer if the workflow requires making many short-lived connections.
Is your main objection to it that it can obfuscate login activity since many systems track login/connection events at the sshd level and are oblivious to SSH multiplexing?
No, it means anyone that can get your team to execute a script can log in as you in any data-center you have authenticated to regardless of multi-factor authentication without using credentials. It means firewalls do not exist, CVE's not required and credentials are not required.
I personally find it extremely useful
Absolutely, not using credentials and riding the existing channels will always be faster. Removing authentication requirements will always reduce friction.