add version 2 identities by default, too
Colin Walters
walters at cis.ohio-state.edu
Sun Jul 29 14:26:41 EST 2001
[ I'm not subscribed to this list; please CC any followups to me as
well ]
When a user invokes "ssh-add" with no arguments, I think we should
default to adding both version 1 and version 2 keys. Here's a patch
against the source included with my Debian package of OpenSSH:
walters at space-ghost:/usr/src/ssh/openssh-2.9p2$ diff -u ssh-add.c~ ssh-add.c
--- ssh-add.c~ Thu Apr 19 16:33:08 2001
+++ ssh-add.c Sat Jul 28 23:49:01 2001
@@ -182,12 +182,63 @@
printf("The agent has no identities.\n");
}
+void
+add_default_identities(AuthenticationConnection *ac, int deleting)
+{
+ char identity_name[1024];
+ char dsa_name[1024];
+ char rsa_name[1024];
+ struct passwd *pw = getpwuid(getuid());
+ snprintf(identity_name, sizeof identity_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY);
+ snprintf(rsa_name, sizeof rsa_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_ID_RSA);
+ snprintf(dsa_name, sizeof dsa_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_ID_DSA);
+ if (!pw) {
+ fprintf(stderr, "No user found with uid %u\n",
+ (u_int)getuid());
+ ssh_close_authentication_connection(ac);
+ exit(1);
+ } else {
+ int identity_found = !access(identity_name, R_OK);
+ int rsa_found = !access(rsa_name, R_OK);
+ int dsa_found = !access(dsa_name, R_OK);
+
+ if (!(identity_found || rsa_found || dsa_found)) {
+ fprintf(stderr,
+ "No files specified, and unable to find one of:\n%s\n%s\n%s\n",
+
+ identity_name,
+ rsa_name,
+ dsa_name);
+ ssh_close_authentication_connection(ac);
+ exit(1);
+ }
+ if (identity_found) {
+ if (deleting)
+ delete_file(ac, identity_name);
+ else
+ add_file(ac, identity_name);
+ }
+
+ if (rsa_found) {
+ if (deleting)
+ delete_file(ac, rsa_name);
+ else
+ add_file(ac, rsa_name);
+ }
+
+ if (dsa_found) {
+ if (deleting)
+ delete_file(ac, dsa_name);
+ else
+ add_file(ac, dsa_name);
+ }
+ }
+}
+
int
main(int argc, char **argv)
{
AuthenticationConnection *ac = NULL;
- struct passwd *pw;
- char buf[1024];
int no_files = 1;
int i;
int deleting = 0;
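Review bot: In add_default_identities the three snprintf calls read `pw->pw_dir` before the `if (!pw)` test that follows them, so a failed getpwuid() lookup dereferences NULL instead of reaching the "No user found" message. The code this patch removes from main tested `pw` before building the path. The same order should be kept here by placing the `if (!pw) { ... exit(1); }` block directly after `struct passwd *pw = getpwuid(getuid());` and moving the snprintf calls below it. The snprintf return values are also ignored, so an overlong `pw_dir` would be silently truncated and access() would probe a different path than intended. A guard such as `if (n < 0 || (size_t)n >= sizeof rsa_name)` on each call would catch that.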
@@ -220,26 +271,16 @@
no_files = 0;
continue;
}
+
no_files = 0;
if (deleting)
delete_file(ac, argv[i]);
else
add_file(ac, argv[i]);
}
- if (no_files) {
- pw = getpwuid(getuid());
- if (!pw) {
- fprintf(stderr, "No user found with uid %u\n",
- (u_int)getuid());
- ssh_close_authentication_connection(ac);
- exit(1);
- }
- snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY);
- if (deleting)
- delete_file(ac, buf);
- else
- add_file(ac, buf);
- }
+ if (no_files)
+ add_default_identities(ac, deleting);
+
clear_pass();
ssh_close_authentication_connection(ac);
exit(0);
walters at space-ghost:/usr/src/ssh/openssh-2.9p2$
cd /usr/src/ssh/openssh-2.9p2/
diff -u /usr/src/ssh/openssh-2.9p2/ssh-add.1\~ /usr/src/ssh/openssh-2.9p2/ssh-add.1
--- /usr/src/ssh/openssh-2.9p2/ssh-add.1~ Wed Apr 11 11:59:36 2001
+++ /usr/src/ssh/openssh-2.9p2/ssh-add.1 Sun Jul 29 00:22:11 2001
@@ -51,10 +51,12 @@
.Nm
adds RSA or DSA identities to the authentication agent,
.Xr ssh-agent 1 .
-When run without arguments, it adds the file
-.Pa $HOME/.ssh/identity .
-Alternative file names can be given on the command line.
-If any file requires a passphrase,
+When run without arguments, it looks for any of
+.Pa $HOME/.ssh/identity ,
+.Pa $HOME/.ssh/id_rsa , and
+.Pa $HOME/.ssh/id_dsa ,
+and adds them if present. Alternative file names can be given on the
+command line. If any file requires a passphrase,
.Nm
asks for the passphrase from the user.
The Passphrase it is read from the user's tty.
@@ -88,9 +90,6 @@
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file.
-This is the default file added by
-.Nm
-when no other files have been specified.
.It Pa $HOME/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of the user.
.It Pa $HOME/.ssh/id_rsa
Diff finished at Sun Jul 29 00:22:17