Feature request for ssh-add

Jim Knoble jmknoble at pobox.com
Fri Aug 12 19:52:03 AEST 2016

On Aug 10, 2016, at 17:24, Darren Tucker <dtucker at zip.com.au> wrote:
> On Thu, Aug 11, 2016 at 1:29 AM, Loganaden Velvindron
> <loganaden at gmail.com> wrote:
> [...]
>> Instead of specifying each key file, a single file such as .config
>> would contain:
>> AgentDefaultKey ~/.ssh/client1_rsa.private ~/.ssh/client2_ed25519
>> ~/.ssh/client3_ed25519.
> You can do that with a trivial shell wrapper:
> function ssh-add() { if [ -z "$@" ];then /usr/bin/ssh-add `cat
> ~/.ssh/keylist`; else /usr/bin/ssh-add $@; fi ; }

This may not do exactly what you mean, depending on the user's shell; there are idiosyncrasies surrounding "$@", among other things. 

This would be more likely to work correctly:

ssh-add() {
  if [ $# -eq 0 ]; then
    /usr/bin/ssh-add `cat "$HOME/.ssh/keylist"`
  else
    /usr/bin/ssh-add "$@"
  fi
}

Basically, "$@" (with double quotes) expands to "$1" "$2" ... "$n". Some shells don't like more than one argument after a -z test.  Some shells also expand "$@" to "" (an empty string) if no arguments are provided, while others (e.g., bash) expand it to nothing (not even an empty string). Using the quoted form after the ssh-add command ensures that arguments containing whitespace are preserved.  Likewise, not all shells like a tilde ('~') for $HOME, and quoting it ensures that home directories containing whitespace work correctly. 

Handling whitespace in the names of key files in ~/.ssh/keyfiles is left as an exercise for the reader, as is handling alternate locations of ssh-add. :)

Otherwise, I concur as well; this should not be first-class functionality of ssh-add. 

jim knoble
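
The whitespace handling that the message above leaves as an exercise, as an added example that is not part of the original message or of OpenSSH. Assumptions: the key list holds one path per line with '#' comment lines, the function name ssh_add_keys and the override variables SSH_ADD_BIN and SSH_KEYLIST are hypothetical, and the function is not named ssh-add because hyphenated function names are not portable across POSIX shells.

```shell
# Added example: ssh-add wrapper that preserves whitespace in key file names.
# Assumptions (not from the thread): one path per line in the key list,
# lines starting with '#' are comments, SSH_ADD_BIN and SSH_KEYLIST are
# hypothetical overrides for the binary and the list location.
ssh_add_keys() {
  _bin=${SSH_ADD_BIN:-/usr/bin/ssh-add}
  _list=${SSH_KEYLIST:-$HOME/.ssh/keylist}

  # Explicit arguments: pass them through untouched, one word per argument.
  if [ $# -gt 0 ]; then
    "$_bin" "$@"
    return
  fi

  if [ ! -r "$_list" ]; then
    echo "ssh_add_keys: cannot read $_list" >&2
    return 1
  fi

  # No arguments: collect the listed keys in the positional parameters.
  # IFS= and -r keep each line verbatim, so embedded spaces survive;
  # the || test picks up a last line that lacks a trailing newline.
  while IFS= read -r _line || [ -n "$_line" ]; do
    case $_line in
      ''|'#'*) continue ;;                       # blank line or comment
      '~/'*) _line=$HOME/${_line#'~/'} ;;        # expand a leading ~/ ourselves
    esac
    set -- "$@" "$_line"
  done < "$_list"

  if [ $# -eq 0 ]; then
    echo "ssh_add_keys: $_list lists no keys" >&2
    return 1
  fi
  "$_bin" "$@"
}
```

Unlike the backquoted `cat`, a read loop never subjects the file's contents to word splitting or glob expansion, so a stray `*` in the list is passed to ssh-add as a literal name.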
