ssh-add 6.7 inserts RSA keys into the ssh-agent as "rsa w/o comment" instead of filenames

Damien Miller djm at mindrot.org
Wed Nov 5 11:11:14 EST 2014


hmm, that's a regression - could you please file a bug for it? I'll
try to fix it before the next release.

On Tue, 4 Nov 2014, Daniel Kahn Gillmor wrote:

> Hi OpenSSH folks--
> 
> as of version 6.7 (the first version i noticed this in), it looks to me
> like adding ssh keys to ssh-agent marks them all as "rsa w/o comment",
> instead of putting the filename as the comment.
> 
> This appears to be because of the key function overhaul in
> 8668706d0f52654fe64c0ca41a96113aeab8d2b8.
> 
> ssh-add.c loads the secret keys via library-like invocations of
> functions in sshkey.c, and if the comment returned is NULL, it sets the
> comment to be the filename.
> 
> But in practice, these functions now return "rsa w/o comment" as the
> comment, so the filename never gets applied as a comment.
> 
> Possible ways to fix:
> 
>  * One fix would be to have the functions return a NULL for the comment.
> 
>  * Another fix would be to have ssh-add just override the comment
>    explicitly. 
> 
>  * A third fix would be to pass a "proposed comment" into the
>    library-like call, which could be overridden by future versions if
>    they're aware of a superior comment after having parsed the key.
> 
> I also note that there is no way for a user of ssh-add to explicitly set
> the comment directly -- adding something like that would be a distinct
> feature, i think.
> 
> Regards,
> 
>         --dkg
> 
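The mismatch described in the quoted report, as an added example that is not part of the original thread and is not OpenSSH source: the caller falls back to the filename only when the comment is NULL, so a loader that returns a placeholder string defeats the fallback. All function names and the sample path are hypothetical, and the second and third proposed fixes are modeled alongside.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the loader/caller contract; not OpenSSH source. */
static char *xdup(const char *s) {
    char *p = malloc(strlen(s) + 1);
    if (p != NULL) strcpy(p, s);
    return p;
}

/* Loader before the overhaul: key has no stored comment -> NULL. */
static char *load_comment_old(const char *path) { (void)path; return NULL; }

/* Loader after the overhaul, as reported: a placeholder string, never NULL. */
static char *load_comment_new(const char *path) {
    (void)path;
    return xdup("rsa w/o comment");
}

typedef char *(*loader_fn)(const char *path);

/* Caller as described in the report: filename is used only on NULL. */
char *comment_null_fallback(loader_fn load, const char *path) {
    char *c = load(path);
    return c != NULL ? c : xdup(path);
}

/* Second proposed fix: the caller always overrides with the filename.
 * Any comment the loader returned is discarded. */
char *comment_override(loader_fn load, const char *path) {
    free(load(path));
    return xdup(path);
}

/* Third proposed fix: the caller passes a proposed comment and the loader
 * keeps it unless it parsed a better one (stored == NULL means none). */
char *load_with_proposed(const char *stored, const char *proposed) {
    return xdup(stored != NULL ? stored : proposed);
}

int main(void) {
    const char *path = "/home/user/.ssh/id_rsa"; /* constructed sample path */
    char *a = comment_null_fallback(load_comment_old, path);
    char *b = comment_null_fallback(load_comment_new, path);
    char *c = comment_override(load_comment_new, path);
    printf("old loader: %s\nnew loader: %s\noverride:   %s\n", a, b, c);
    free(a); free(b); free(c);
    return 0;
}
```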


More information about the openssh-unix-dev mailing list