Bugzilla – Attachment 3437 Details for
Bug 831
Allow agent forwarding in sftp & scp
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Allow -A in sftp and scp
bz831.diff (text/plain), 3.97 KB, created by
Damien Miller
on 2020-07-31 14:20:21 AEST
(
hide
)
Description:
Allow -A in sftp and scp
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2020-07-31 14:20:21 AEST
Size:
3.97 KB
patch
obsolete
>diff --git a/scp.1 b/scp.1 >index d5f65af..cfa86a4 100644 >--- a/scp.1 >+++ b/scp.1 >@@ -18,7 +18,7 @@ > .Nd OpenSSH secure file copy > .Sh SYNOPSIS > .Nm scp >-.Op Fl 346BCpqrTv >+.Op Fl 346ABCpqrTv > .Op Fl c Ar cipher > .Op Fl F Ar ssh_config > .Op Fl i Ar identity_file >@@ -86,6 +86,11 @@ to use IPv4 addresses only. > Forces > .Nm > to use IPv6 addresses only. >+.It Fl A >+Allows forwarding of >+.Xr ssh-agent 1 >+to the remote system. >+The default is not to forward an authentication agent. > .It Fl B > Selects batch mode (prevents asking for passwords or passphrases). > .It Fl C >diff --git a/scp.c b/scp.c >index d0bf05c..c4ce5ce 100644 >--- a/scp.c >+++ b/scp.c >@@ -401,7 +401,6 @@ main(int argc, char **argv) > args.list = remote_remote_args.list = NULL; > addargs(&args, "%s", ssh_program); > addargs(&args, "-x"); >- addargs(&args, "-oForwardAgent=no"); > addargs(&args, "-oPermitLocalCommand=no"); > addargs(&args, "-oClearAllForwardings=yes"); > addargs(&args, "-oRemoteCommand=none"); >@@ -409,7 +408,7 @@ main(int argc, char **argv) > > fflag = Tflag = tflag = 0; > while ((ch = getopt(argc, argv, >- "dfl:prtTvBCc:i:P:q12346S:o:F:J:")) != -1) { >+ "12346ABCTdfpqrtvF:J:P:S:c:i:l:o:")) != -1) { > switch (ch) { > /* User-visible flags. */ > case '1': >@@ -418,6 +417,7 @@ main(int argc, char **argv) > case '2': > /* Ignored */ > break; >+ case 'A': > case '4': > case '6': > case 'C': >@@ -496,6 +496,9 @@ main(int argc, char **argv) > argc -= optind; > argv += optind; > >+ /* Do this last because we want the user to be able to override it */ >+ addargs(&args, "-oForwardAgent=no"); >+ > if ((pwd = getpwuid(userid = getuid())) == NULL) > fatal("unknown user %u", (u_int) userid); > >@@ -1558,7 +1561,7 @@ void > usage(void) > { > (void) fprintf(stderr, >- "usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n" >+ "usage: scp [-346ABCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n" > " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" > " [-S program] source ... target\n"); > exit(1); >diff --git a/sftp.1 b/sftp.1 >index a305b37..fb2fb5e 100644 >--- a/sftp.1 >+++ b/sftp.1 >@@ -30,7 +30,7 @@ > .Nd OpenSSH secure file transfer > .Sh SYNOPSIS > .Nm sftp >-.Op Fl 46aCfNpqrv >+.Op Fl 46AaCfNpqrv > .Op Fl B Ar buffer_size > .Op Fl b Ar batchfile > .Op Fl c Ar cipher >@@ -104,6 +104,11 @@ to use IPv4 addresses only. > Forces > .Nm > to use IPv6 addresses only. >+.It Fl A >+Allows forwarding of >+.Xr ssh-agent 1 >+to the remote system. >+The default is not to forward an authentication agent. > .It Fl a > Attempt to continue interrupted transfers rather than overwriting > existing partial or complete copies of files. >diff --git a/sftp.c b/sftp.c >index becdb93..c8dc699 100644 >--- a/sftp.c >+++ b/sftp.c >@@ -2316,7 +2316,7 @@ usage(void) > extern char *__progname; > > fprintf(stderr, >- "usage: %s [-46aCfNpqrv] [-B buffer_size] [-b batchfile] [-c cipher]\n" >+ "usage: %s [-46AaCfNpqrv] [-B buffer_size] [-b batchfile] [-c cipher]\n" > " [-D sftp_server_path] [-F ssh_config] [-i identity_file]\n" > " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" > " [-R num_requests] [-S program] [-s subsystem | sftp_server]\n" >@@ -2351,7 +2351,6 @@ main(int argc, char **argv) > args.list = NULL; > addargs(&args, "%s", ssh_program); > addargs(&args, "-oForwardX11 no"); >- addargs(&args, "-oForwardAgent no"); > addargs(&args, "-oPermitLocalCommand no"); > addargs(&args, "-oClearAllForwardings yes"); > >@@ -2359,9 +2358,10 @@ main(int argc, char **argv) > infile = stdin; > > while ((ch = getopt(argc, argv, >- "1246afhNpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { >+ "1246AafhNpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) { > switch (ch) { > /* Passed through to ssh(1) */ >+ case 'A': > case '4': > case '6': > case 'C': >@@ -2461,6 +2461,9 @@ main(int argc, char **argv) > } > } > >+ /* Do this last because we want the user to be able to override it */ >+ addargs(&args, "-oForwardAgent no"); >+ > if (!isatty(STDERR_FILENO)) > showprogress = 0; >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3437">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 831
:
594
|
2683
|
3328
| 3437