From dea79f16d021dedac0b1f87d29e8839de8c5204e Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Thu, 17 Mar 2022 09:31:03 +0530 Subject: [PATCH] Update the how it works section --- docs/kittens/ssh.rst | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/docs/kittens/ssh.rst b/docs/kittens/ssh.rst index a989ca081..faf07b4bd 100644 --- a/docs/kittens/ssh.rst +++ b/docs/kittens/ssh.rst @@ -107,16 +107,18 @@ editor, respectively: How it works ---------------- -The ssh kitten works by having SSH transmit and execute a POSIX sh (or optionally -Python) bootstrap script on the remote server using an :opt:`interpreter -`. This script asks kitty for the setup data over -the tty device, which kitty sends as a tarball. The script extracts it and -places the :opt:`files ` and sets the :opt:`environment -variables ` before finally launching the :opt:`login shell -` with shell integration enabled. The data is requested -with a one-time random password that is generated when the script is transmitted, so -that on the remote server, only the script can request data transmission over -the TTY, any other requests are responded to by errors. +The ssh kitten works by having SSH transmit and execute a POSIX sh (or +optionally Python) bootstrap script on the remote server using an +:opt:`interpreter `. This script reads setup data over +the tty device, which kitty sends as a base64 encoded tarball. The script +extracts it and places the :opt:`files ` and sets the +:opt:`environment variables ` before finally launching the +:opt:`login shell ` with shell integration enabled. The +data is requested by the kitten over the TTY with a random one time password. +kitty reads the request and if the password matches a password pre-stored in +shared memory on the localhost by the kitten, the transmission is allowed. If +your OpenSSH version is >= 8.4 then the data is transmitted instantly without +any roundtrip delay. .. note::