[Bug 2866] New: Allow forwarded agent sockets to be in somewhere other than /tmp
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sat May 12 05:29:07 AEST 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2866
Bug ID: 2866
Summary: Allow forwarded agent sockets to be in somewhere other
than /tmp
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: rlpowell at digitalkingdom.org
On my site we use pam_ssh_agent_auth
This means that if something happens to fill up /tmp, we lose the
ability to sudo, which is not awesome. We'd like to have a
tmpfs-backed FS *just* for ssh agent sockets, but we can't because as
far as I can tell from the code, tmp/ssh-XXXXX is hard-coded in sshd.
On more recent ssh versions, this can be hacked around with -R on our
auth sockets, but currently most of my plant is on ssh 5.3 because
reasons, but also it really seems like this is something that should be
configurable.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list