[Bug 1980] use updated ssh-copy-id

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sun Jan 20 08:41:49 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=1980

--- Comment #11 from Philip Hands <phil at hands.com> ---
(In reply to comment #10)
> Thanks for making the changes - it's pretty close now.

No problem.

> A couple more comments:
> 
> >  35 DEFAULT_PUB_ID_FILE=$(ls -t ${HOME}/.ssh/*.pub | grep -v -- '-cert.pub$' | head -n 1)
> 
> Could you make this id*.pub? I worry about people accidentally
> exporting special-use keys instead of the usual default auth keys by
> mistake.

Done.

> >  67 GETOPT_PARSED=$(getopt --options 'i::p:nh?' --name "$0" --quiet -- "$@")
> 
> Would it be possible to pass -o [arg] through to ssh? Quite a few
> people have requested this over the years.

I presume that will need to be properly quoted in order to be passed
through, and that they may want to specify more than one -o option.

That seems to mean that I'll have to do some sort of nasty quoting, and
then eval the ssh command in order to unwrap the quoting, or am I making
things more complicated than they need to be?

> > 178   NetScreen*)
> > 179     populate_new_ids 1
> > 180     for KEY in $(echo "$NEW_IDS"| cut -d' ' -f2) ; do
> 
> I'd add:
> 
> echo "$KEY" | grep -q ssh-dss || continue
>
> to skip non-DSA keys here if that's all the Netscreens support.

Well, I've added a warning, and made the error messages a bit more
useful (hopefully), but in effect -- Done.

> I think populate_new_ids() might need a umask call too.

Do you mean 0022 in case they have something silly set, or 0177 or some
such for reasons of paranoia?

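One way to handle the -o quoting question raised in the message above, as an added example that is not part of the original message or of the ssh-copy-id script: each -o value is single-quoted once when it is collected, so the later eval only unwraps that quoting and never re-interprets the value. The names quote_arg, collect_ssh_opts, run_with_opts and show_args (a stand-in for ssh) are hypothetical, and the sample options are constructed.

```shell
#!/bin/sh
# Added example (not from ssh-copy-id): pass repeated -o options through to
# ssh without letting eval re-interpret their contents.

# Wrap one argument in single quotes; an embedded ' becomes '\''.
quote_arg() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Collect "-o value" and "-ovalue" into SSH_OPTS, a string that is safe to
# eval. Other arguments are ignored here (assumption: handled elsewhere).
collect_ssh_opts() {
  SSH_OPTS=
  while [ $# -gt 0 ]; do
    case "$1" in
      -o)   [ $# -ge 2 ] || return 1
            SSH_OPTS="$SSH_OPTS -o $(quote_arg "$2")"; shift 2 ;;
      -o?*) SSH_OPTS="$SSH_OPTS -o $(quote_arg "${1#-o}")"; shift ;;
      *)    shift ;;
    esac
  done
}

# Stand-in for ssh: prints argc, then each argv entry in brackets.
show_args() {
  printf '%d\n' "$#"
  for a in "$@"; do printf '[%s]\n' "$a"; done
}

# Run command $1 with the collected options; eval only removes our quoting.
run_with_opts() {
  eval "$1 $SSH_OPTS"
}

# Constructed sample: a value with spaces, the -oValue form, and a value
# containing a quote, a command substitution and a semicolon.
collect_ssh_opts -o 'ProxyCommand=ssh -W %h:%p gw' -oPort=2222 \
  -o "IdentityFile=it's \$(id); x"
run_with_opts show_args
```

Each option value reaches the command as exactly one argument, and the `$(id)` and `;` in the third value arrive as literal text rather than being executed.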