[Bug 2533] New: do not check if HostKeyAgent is available on sshd startup
    bugzilla-daemon at bugzilla.mindrot.org 
    Thu Jan 28 18:03:39 AEDT 2016
    
    
  
https://bugzilla.mindrot.org/show_bug.cgi?id=2533
            Bug ID: 2533
           Summary: do not check if HostKeyAgent is available on sshd
                    startup
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: igor at mir2.org
Currently, with the HostKeyAgent option, sshd checks on startup whether it
can connect to the agent socket:
https://github.com/openssh/openssh-portable/blob/ebacd377769ac07d1bf3c75169644336056b7060/sshd.c#L1773
This introduces an artificial dependency between the agent process and
sshd and requires the agent to be running when sshd starts. Moreover, as
this check does not verify whether the agent has the keys for the server,
the usability of such a query as a health check is rather low.
It would be nice to either remove this check completely or at least
provide an option to disable it. This way the agent socket will be
queried only when receiving a new client connection, completely
decoupling sshd from the agent process.
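
An added example, not part of the original report and not OpenSSH code: a health check that goes one step further than connecting to the socket by asking the agent for its identities (SSH agent protocol messages 11 and 12) and confirming that the server's host public key is among them. The socket path and the public key line are assumptions supplied by the caller.

```python
import base64
import socket
import struct

SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12


def parse_identities(payload: bytes) -> list[bytes]:
    """Return the public key blobs from an SSH_AGENT_IDENTITIES_ANSWER body."""
    if not payload or payload[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("agent did not return an identities answer")
    (count,) = struct.unpack_from(">I", payload, 1)
    offset, blobs = 5, []
    for _ in range(count):
        fields = []
        for _ in range(2):  # each identity is: string key blob, string comment
            (n,) = struct.unpack_from(">I", payload, offset)
            offset += 4
            if offset + n > len(payload):
                raise ValueError("truncated identities answer")
            fields.append(payload[offset:offset + n])
            offset += n
        blobs.append(fields[0])
    return blobs


def host_key_blob(pub_line: str) -> bytes:
    """Decode the key blob from a 'type base64 [comment]' public key line."""
    return base64.b64decode(pub_line.split()[1])


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("agent closed the connection")
        buf += chunk
    return buf


def agent_has_host_key(sock_path: str, pub_line: str) -> bool:
    """True only if the agent at sock_path holds the key in pub_line."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(5)
        s.connect(sock_path)
        s.sendall(struct.pack(">IB", 1, SSH_AGENTC_REQUEST_IDENTITIES))
        (length,) = struct.unpack(">I", _recv_exact(s, 4))
        return host_key_blob(pub_line) in parse_identities(_recv_exact(s, length))
```

Run from a monitoring job, this reports a running agent that lacks the host key as a failure, which a plain connect to the socket cannot do.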