[Bug 3712] New: ssh-add should respect AddKeysToAgent default in ~/.ssh/config

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 22 20:13:49 AEST 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3712

            Bug ID: 3712
           Summary: ssh-add should respect AddKeysToAgent default in
                    ~/.ssh/config
           Product: Portable OpenSSH
           Version: 9.8p1
          Hardware: 68k
                OS: Mac OS X
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-add
          Assignee: unassigned-bugs at mindrot.org
          Reporter: gray at nxg.name

The option -t tells ssh-add to add keys with a given lifetime.  The
AddKeysToAgent option, described in ssh_config(5), does the same
general thing.  One of the places that option is useful would be in
setting a (lower-than-standard) default lifetime for keys added
interactively.

However ssh-add appears _not_ to consult ~/.ssh/config (ssh-add(1)
doesn't claim it does, and experimentally, setting this option there
has no effect on the lifetime of keys added to the agent).  Thus, there
appears to be no way of setting a lower-than-stock lifetime for
ssh-add, other than giving the -t option each time.

I suggest that it would be useful for ssh-add to consult this
configuration file, and respect this option.  If only on a Principle Of
Least Astonishment.

I've reported this against the most recent OpenSSH version, but only
directly confirmed it using OpenSSH_9.0p1 on macOS.  Tracing ssh-add
from OpenSSH_9.5p1 on current FreeBSD, it doesn't seem to look for
~/.ssh/config.  Finally, examining <https://man.openbsd.org/ssh-add>,
there is no mention of ~/.ssh/config in the FILES section of the most
up-to-date manpage.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
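
A wrapper that approximates the requested behaviour, as an added example that is not part of the original report or of OpenSSH: it reads the effective AddKeysToAgent value from `ssh -G` and turns it into the matching `ssh-add` flags (`-t` for a lifetime, `-c` for confirm). The function names, the `SSH_ADD_CFG_HOST` variable and the placeholder host name are hypothetical, and the parser assumes `ssh -G` prints the option as a lowercase `addkeystoagent` line.

```shell
# Added example (not OpenSSH code). Reads `ssh -G` output on stdin and
# prints the ssh-add flags implied by the AddKeysToAgent setting.
# Constructed sample input lines:
#   addkeystoagent 3600          -> -t 3600
#   addkeystoagent confirm 900   -> -c -t 900
#   addkeystoagent yes           -> (no flags: no lifetime configured)
agent_args_from_config() {
    awk '
        !found && tolower($1) == "addkeystoagent" {
            found = 1
            out = ""
            for (i = 2; i <= NF; i++) {
                if ($i == "confirm")
                    out = out " -c"
                # Accept only a time interval (digits with optional
                # s/m/h/d/w units); anything else is ignored.
                else if ($i ~ /^([0-9]+[smhdwSMHDW]?)+$/)
                    out = out " -t " $i
            }
            sub(/^ /, "", out)
            print out
        }
    '
}

# Hypothetical wrapper: evaluate ~/.ssh/config for a placeholder host name
# (so that "Host *" defaults apply; -G only prints the configuration and
# does not connect), then call ssh-add with the derived flags.
# The derived flags go first; arguments given by the user follow them.
ssh_add_cfg() {
    host="${SSH_ADD_CFG_HOST:-agent-default.invalid}"
    # Word splitting of the flag list is intended here.
    # shellcheck disable=SC2046
    ssh-add $(ssh -G "$host" | agent_args_from_config) "$@"
}
```

Running `ssh-add -l` before and after a key is expected to expire confirms whether the agent received the lifetime.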