- multiple-file known-hosts database?
- import existing stuff
- at least minimal sftp/scp support
- revoke-forwarding requests for X and agent
- fallback to external ssh1 client? server?  figure out and implement ssh1?
- handle forwarder connection loss better
- internals doc (real comments, in particular)
- per-client flags in agent
- some kind of config for agent
- "pq hold" in interactive agent
- figure out how to get a BPP to abort_bpp() (see bpp.h)
- utmp/wtmp entries (and related stuff, eg, setlogin())
- fix password/keyboard-interactive auth from sharing servers
- malloc hacks to mitigate swap-out-crypto-key risks
- handle a missing agent better
- update manpage description of config-file language
- fix "ssh -share-drop host" buglet
- tutorial config-file document
- "sharing connection read EOF" add CR after LF
- external-program approval of key use (for, eg, time-based restrictions)
- RFC4819 publickey implementation
- a way to say "add to agent" when prompted for key passphrase
- implement a client-side interface to env requests (4254 6.4)
- fix the issue mentioned in the comment on lookup_key() in agent-server.c
- ECC support maybe?
- forward fds other than 0/1/2
- RFC4255 fingerprint checking
- Linux support
- proper OS layer separation
- agent proxying (eg, for tmux)
- AF_LOCAL connection forwarding
- forward signals client->server
- line-at-a-time input
- "echo foo | moussh -tty host cat" coredump
- some way to do interactive selection of keys to present for publickey auth
- failure when rekeying with unknown (manually-accepted) host key
- think about pre-channel-open auth-agent requests (eg, ssh proxy auth)