new option ssh-add -v to verify if key is loaded into the agent

Konrad Bucheli kb at
Tue May 10 17:58:52 EST 2011


Thanks for the input. I have now a few questions:

> +	char data[1024];

> +	arc4random_buf(data, sizeof(data));

You use a long pseudo-random token for to verify the private key, while
my patch uses a short (20 bytes) random token. What is recommended?

> +	fprintf(stderr, "  -T pubkey   Test if ssh-agent can access matching private key.\n");

I think this documentation goes more to the point. Still the verb to use
is open:
-T for test
-C for check
-v for verify
-V for verify

I guess verify is the word with the least general meaning. And if we put
a capital V, it will not be mistaken as "version".

Any opinions?


konrad bucheli
security engineer

open systems ag
raeffelstrasse 29
ch-8045 zurich

t: +41 44 455 74 00
f: +41 44 455 74 01
kb at

More information about the openssh-unix-dev mailing list