[Bug 1699] New: [patch] Enhance SSH to automatically add keys to ssh-agent
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 19 11:25:44 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1699
Summary: [patch] Enhance SSH to automatically add keys to
ssh-agent
Product: Portable OpenSSH
Version: 5.3p1
Platform: amd64
URL: http://article.gmane.org/gmane.network.openssh.devel/1
6422
OS/Version: OpenBSD
Status: NEW
Keywords: needs-release-note, patch
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: joachim at joachimschipper.nl
Created an attachment (id=1780)
--> (https://bugzilla.mindrot.org/attachment.cgi?id=1780)
[patch] Automatically add keys to ssh-agent(1)
[Continuing a mailing list thread; see
http://article.gmane.org/gmane.network.openssh.devel/16422.]
My keys are secured with a passphrase. That's good for security, but
having to type the passphrase either at every login or at every
invocation of ssh(1) is annoying.
It's possible to hack around this annoyance, but such hacks are
inevitably brittle. OpenSSH should just do quietly do the right thing,
as it does in other cases.
Please find included a patch (against OpenBSD's OpenSSH) to fix this.
By way of specification, I'll quote ssh_config(5):
AddKeysToAgent
Specifies whether keys should be automatically added to
ssh-agent(5) (if running). If this option is set to ``yes'' and a key
is loaded from a file, this key and all keys with either the same or an
empty passphrase are added to the agent (with the default lifetime), as
if by ssh-add(1). If this option is set to ``ask'', ssh will require
confirmation using the SSH_ASKPASS pro- gram before adding a key (see
ssh-add(1) for details). If this option is set to ``confirm'', each
use of the key must be confirmed, exactly as if the -c option was
specified to ssh-add(1). If this option is set to ``no'', no keys are
added to the agent. The argument must be ``yes'', ``confirm'',
``ask'', or ``no''. The default is ``no''.
This is my first patch, so please review thoroughly! I'll happily make
any changes requested.
Joachim
P.S. This patch has been completely rewritten (relative to the patch
posted to the mailing list, above) to support adding all keys with the
same passphrase at once.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list