[Bug 1499] New: Add "ForwardAgent ask" to ssh_config

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Aug 5 17:35:18 EST 2008


https://bugzilla.mindrot.org/show_bug.cgi?id=1499

           Summary: Add "ForwardAgent ask" to ssh_config
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 4.7p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: ssh
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: cjs at cynic.net


There are some machines I trust very little, but I still need my agent
to authenticate a connection from it, e.g., to checkout something from
a revision control system or copy a file.

Currently I ssh into those machines with the -A option, overriding the
"ForwardAgent no" in my config file as it applies to that machine, do
my checkout or whatever, and then exit and resume work in a session
without agent forwarding. This exposes me more than I would like.

I would like the ability to set "ForwardAgent ask" in my config file
(or on the command line), which would cause that ssh to forward the
request to the agent only if approved via the standard SSH_ASKPASS
mechanism.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list