Bug 831

Summary:

Allow agent forwarding in sftp & scp

Product:

Portable OpenSSH

Reporter:

Damien Miller <djm>

Component:

sftp

Assignee:

Damien Miller <djm>

Status:

CLOSED FIXED

Severity:

enhancement

CC:

dtucker, kl_other+mindrot, michael.armbrecht, naddy, sascha-openssh-bugs

Priority:

Version:

-current

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

3162

Attachments:

Description	Flags
Add -A option to scp and sftp	none
Add -A option to scp and sftp (updated, git format-patch)	none
Add -A option to scp	none
Allow -A in sftp and scp	dtucker: ok+

Description Damien Miller 2004-04-05 16:58:15 AEST

sftp & scp unconditionally disable agent forwarding for their underlying ssh
connections. 

Unfortunately this makes it difficult to implement a SSH proxy that permits file
transfers using pubkey auth with the OpenSSH clients.

Comment 1 Damien Miller 2004-04-05 16:59:14 AEST

Created attachment 594 [details]
Add -A option to scp and sftp

This adds a -A option to explicitly enable agent forwarding for the file
transfer clients.

Comment 2 Damien Miller 2004-04-14 13:24:11 AEST

*** Bug 557 has been marked as a duplicate of this bug. ***

Comment 3 kl_other+mindrot 2015-08-16 20:24:21 AEST

Patch needs to be updated, as it will conflict on both sftp.c (options changed since patch) and scp.c (the declaration of "n" added since patch). Patch changes behaviour in two ways:

* Sets ForwardAgent=no by default, ForwardAgent=yes if -A is set.
* Sets ForwardAgent=no after processing other args, which allows -oForwardAgent=yes to take effect, as ssh ignores duplicate command-line options.

Once updated, I'd very much like this patch to go through.

Comment 4 kl_other+mindrot 2015-08-17 01:56:46 AEST

Created attachment 2683 [details]
Add -A option to scp and sftp (updated, git format-patch)

This is an updated version of Damien Miller's patch. It should feature-wise be identical, just without merge nightmares.

Comment 5 Damien Miller 2019-09-13 14:38:10 AEST

*** Bug 3065 has been marked as a duplicate of this bug. ***

Comment 6 Christian Weisgerber 2019-09-13 22:14:15 AEST

Created attachment 3328 [details]
Add -A option to scp

FWIW, here's the full patch for scp from bug 3065.

Comment 7 Damien Miller 2020-07-31 14:20:21 AEST

Created attachment 3437 [details]
Allow -A in sftp and scp

This option adds support for -A in both scp and sftp. It relies on ssh(1) following first-match-wins when processing its command line arguments (which it does)

Comment 8 Damien Miller 2020-08-03 12:44:51 AEST

patch applied and will be in openssh-8.4

Comment 9 Darren Tucker 2020-10-02 14:55:01 AEST

Mass close of all bugs fixed in 8.4 release.