Bugzilla – Attachment 3165 Details for
Bug 2670
Add ssh_config option that sets the lifetime of the key if added via AddKeysToAgent
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Adds "AddKeysToAgentTimeout" option for ssh_config
AddKeysToAgentTimeout.patch (text/plain), 4.70 KB, created by
djl
on 2018-07-19 20:02:11 AEST
(
hide
)
Description:
Adds "AddKeysToAgentTimeout" option for ssh_config
Filename:
MIME Type:
Creator:
djl
Created:
2018-07-19 20:02:11 AEST
Size:
4.70 KB
patch
obsolete
>diff -Naru openssh-7.7p1/readconf.c patched/readconf.c >--- openssh-7.7p1/readconf.c 2018-04-02 06:38:28.000000000 +0100 >+++ patched/readconf.c 2018-07-18 20:12:38.143760190 +0100 >@@ -147,7 +147,7 @@ > oPasswordAuthentication, oRSAAuthentication, > oChallengeResponseAuthentication, oXAuthLocation, > oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, >- oCertificateFile, oAddKeysToAgent, oIdentityAgent, >+ oCertificateFile, oAddKeysToAgent, oAddKeysToAgentTimeout, oIdentityAgent, > oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, > oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, > oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, >@@ -237,6 +237,7 @@ > { "identitiesonly", oIdentitiesOnly }, > { "certificatefile", oCertificateFile }, > { "addkeystoagent", oAddKeysToAgent }, >+ { "addkeystoagenttimeout", oAddKeysToAgentTimeout }, > { "identityagent", oIdentityAgent }, > { "hostname", oHostName }, > { "hostkeyalias", oHostKeyAlias }, >@@ -1640,6 +1641,10 @@ > multistate_ptr = multistate_yesnoaskconfirm; > goto parse_multistate; > >+ case oAddKeysToAgentTimeout: >+ intptr = &options->add_keys_to_agent_timeout; >+ goto parse_time; >+ > case oIdentityAgent: > charptr = &options->identity_agent; > goto parse_string; >@@ -1828,6 +1833,7 @@ > options->permit_local_command = -1; > options->remote_command = NULL; > options->add_keys_to_agent = -1; >+ options->add_keys_to_agent_timeout = -1; > options->identity_agent = NULL; > options->visual_host_key = -1; > options->ip_qos_interactive = -1; >@@ -1935,6 +1941,8 @@ > /* options->hostkeyalgorithms, default set in myproposals.h */ > if (options->add_keys_to_agent == -1) > options->add_keys_to_agent = 0; >+ if (options->add_keys_to_agent_timeout == -1) >+ options->add_keys_to_agent_timeout = 0; > if (options->num_identity_files == 0) { > add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0); > add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); >diff -Naru openssh-7.7p1/readconf.h patched/readconf.h >--- openssh-7.7p1/readconf.h 2018-04-02 06:38:28.000000000 +0100 >+++ patched/readconf.h 2018-07-18 19:38:30.292353771 +0100 >@@ -96,6 +96,7 @@ > struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; > > int add_keys_to_agent; >+ int add_keys_to_agent_timeout; > char *identity_agent; /* Optional path to ssh-agent socket */ > > /* Local TCP/IP forward requests. */ >diff -Naru openssh-7.7p1/ssh.0 patched/ssh.0 >--- openssh-7.7p1/ssh.0 2018-04-02 06:39:27.000000000 +0100 >+++ patched/ssh.0 2018-07-19 10:22:17.149910735 +0100 >@@ -228,6 +228,7 @@ > ssh_config(5). > > AddKeysToAgent >+ AddKeysToAgentTimeout > AddressFamily > BatchMode > BindAddress >diff -Naru openssh-7.7p1/ssh.1 patched/ssh.1 >--- openssh-7.7p1/ssh.1 2018-04-02 06:38:28.000000000 +0100 >+++ patched/ssh.1 2018-07-19 10:21:56.373473715 +0100 >@@ -458,6 +458,7 @@ > .Pp > .Bl -tag -width Ds -offset indent -compact > .It AddKeysToAgent >+.It AddKeysToAgentTimeout > .It AddressFamily > .It BatchMode > .It BindAddress >diff -Naru openssh-7.7p1/ssh_config.0 patched/ssh_config.0 >--- openssh-7.7p1/ssh_config.0 2018-04-02 06:39:27.000000000 +0100 >+++ patched/ssh_config.0 2018-07-19 10:36:35.567109261 +0100 >@@ -95,6 +95,11 @@ > the agent. The argument must be yes, confirm, ask, or no (the > default). > >+ AddKeysToAgentTimeout >+ Specifies a timeout for keys added to the agent using the >+ format described in the TIME FORMATS section of >+ sshd_config(5). >+ > AddressFamily > Specifies which address family to use when connecting. Valid > arguments are any (the default), inet (use IPv4 only), or inet6 >diff -Naru openssh-7.7p1/ssh_config.5 patched/ssh_config.5 >--- openssh-7.7p1/ssh_config.5 2018-04-02 06:38:28.000000000 +0100 >+++ patched/ssh_config.5 2018-07-19 10:35:35.230912462 +0100 >@@ -234,6 +234,12 @@ > or > .Cm no > (the default). >+.It Cm AddKeysToAgentTimeout >+Specifies a timeout for keys added to the agent using the format >+described in the >+.Sx TIME FORMATS >+section of >+.Xr sshd_config 5 . > .It Cm AddressFamily > Specifies which address family to use when connecting. > Valid arguments are >diff -Naru openssh-7.7p1/sshconnect.c patched/sshconnect.c >--- openssh-7.7p1/sshconnect.c 2018-04-02 06:38:28.000000000 +0100 >+++ patched/sshconnect.c 2018-07-18 20:05:11.441144644 +0100 >@@ -1592,7 +1592,8 @@ > return; > } > >- if ((r = ssh_add_identity_constrained(auth_sock, private, comment, 0, >+ if ((r = ssh_add_identity_constrained(auth_sock, private, comment, >+ options.add_keys_to_agent_timeout, > (options.add_keys_to_agent == 3), 0)) == 0) > debug("identity added to agent: %s", authfile); > else
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3165">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2670
:
3165
|
3188
|
3439