Created attachment 2001 [details] allow ssh-add to read from FIFOs It looks like ssh-add can no longer read from FIFOs as of 5.7p1 (since the switch from PEM_read_PrivateKey() to PEM_read_bio_PrivateKey(), and reading the file into an ssh buffer directly). Being able to read from a FIFO is nice for tools that don't want to put keys directly on the filesystem. In fact, we were relying on that behavior for the monkeysphere, and it's currently breaking because of the change: https://labs.riseup.net/code/issues/2735 The attached patch fixes things so that ssh-add can read from a FIFO again.
Created attachment 2002 [details] allow ssh-add to read from FIFOs updated patch to use S_ISFIFO() instead of testing the st_mode bits directly (thanks, Clint Adams)
I got bit by this change, and it took some time to figure out what caused it. Based on the commits, it doesn't appear as if removing the capability to read from a FIFO was deliberate, but rather was an unintended regression. I tried the attached patch and it restores the capability for me, I support its inclusion as soon as possible.
I ran into the same bug using openssh-client 1:5.8p1-2 from debian sid repo, also reproduced with a vanilla openssh 5.8p1 from an official openssh mirror. I found the error by using monkeysphere subkey-to-ssh-client, after which ssh-agent did not add a new identity as expected. Tried the attached patch and it works as expected again, identity added and working for ssh. Would be great to see this patch included so FIFOs start working again.
This is fixed in -current in a different way and will be in OpenSSH 5.9. As a bonus, you can now "ssh-add - < /path/to/key"
close resolved bugs now that openssh-5.9 has been released