Exit status on `ssh-add` failure
Wiktor Kwapisiewicz
wiktor at metacode.biz
Wed May 20 21:04:03 AEST 2026
Hi,
I'm developing a library for building custom SSH agents and noticed that
OpenSSH's `ssh-add` doesn't return non-zero exit code on some failures:
$ SSH_AUTH_SOCK=/tmp/test.sock ssh-add client
Identity added: client (test-client)
Certificate client-cert.pub (client) add failed: communication with
agent failed
$ echo $?
0
The certificate has not been added due to agent protocol error but
ssh-add still returned exit code 0.
The EXIT STATUS section of the manpage for ssh-add states: "Exit status
is 0 on success, 1 if the specified command fails, and 2 if ssh-add
is unable to contact the authentication agent." but it doesn't mention
what happens when the command partially succeeds (identity has been
added but the certificate not).
Is that the intended behavior of ssh-add?
Thank you for your time and help!
Kind regards,
Wiktor
For reference, the link to my user's report:
https://github.com/wiktor-k/ssh-agent-lib/pull/101#issuecomment-4259465799
More information about the openssh-unix-dev
mailing list