Neovim’s server defaults to named pipes or domain sockets, which do not have this issue. The documentation states that the TCP option is insecure.

VS Code’s ssh daemon is authenticated.

▲

ollien 2 hours ago | parent [-]

> Neovim’s server defaults to named pipes or domain sockets, which do not have this issue. The documentation states that the TCP option is insecure.

Good note on pipes / domain sockets, but it doesn't appear there's a "default", and the example in the docs even uses TCP, despite the warning below it.

https://neovim.io/doc/user/api.html#rpc-connecting

(EDIT: I guess outside of headless mode it uses a named pipe?)

> VS Code’s ssh daemon is authenticated.

How is it authenticated? I went looking briefly but didn't turn up much; obviously there's the ssh auth itself but if you have access to the remote, is there an additional layer of auth stopping anyone from executing code via the daemon?

	▲	rs_rs_rs_rs_rs 15 minutes ago \| parent [-]
		>How is it authenticated? I went looking briefly but didn't turn up much; obviously there's the ssh auth itself but if you have access to the remote, is there an additional layer of auth stopping anyone from executing code via the daemon? How many prompts and auth layers do you guys need until you shup up? I swear to God security people have completely lost touch with reality.