The design considerations behind identity files


(Yang.Y) #1

Unlike SSH Tunnel, Core Tunnel actually runs an OpenSSH instance for each tunnel connection, in other words, Core Tunnel can do almost every thing OpenSSH can do.

So in most of cases, there is no need to specify identity (aka. private key) explicitly, especially if you have all of your identities in ~/.ssh/ directory, or you have set IdentityFile option in /etc/ssh_config.

Importing vs. Using

SSH Tunnel imports identities into its own container directory, but it’s potentially harmful to have identity copies scattered all around.

As opposed to importing, Core Tunnel uses the identities, you can hold your identities at anywhere you think is appropriate, just tell Core Tunnel where to find.

In this way, each of your identities in a specific location, you can use them in both Core Tunnel and ssh command line, without being confused.


Core Tunnel will have a “Passwords” tab as in Safari, lists saved passwords and identity passphrases.

The above also an answer to @mlist’s thought:

(Yang.Y) #2

@mlist The current vanilla text field for private key path is a bit inconvenient, change to a combobox should save your time:

You can type in arbitrary identity file path, as well as select one from dropdown list (the candidates are those used in other tunnels).

(chris) #3

very nice! thanks for that.


(Yang.Y) #4