ssh-add 6.7 inserts RSA keys into the ssh-agent as "rsa w/o comment" instead of filenames

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi OpenSSH folks--

as of version 6.7 (the first version i noticed this in), it looks to me
like adding ssh keys to ssh-agent marks them all as "rsa w/o comment",
instead of putting the filename as the comment.

This appears to be because of the key function overhaul in
8668706d0f52654fe64c0ca41a96113aeab8d2b8.

ssh-add.c loads the secret keys via library-like invocations of
functions in sshkey.c, and if the comment returned is NULL, it sets the
comment to be the filename.

But in practice, these functions now return "rsa w/o comment" as the
comment, so the filename never gets applied as a comment.

Possible ways to fix:

 * One fix would be to have the functions return a NULL for the comment.

 * Another fix would be to have ssh-add just override the comment
   explicitly. 

 * A third fix would be to pass a "proposed comment" into the
   library-like call, which could be overridden by future versions if
   they're aware of a superior comment after having parsed the key.

I also note that there is no way for a user of ssh-add to explicitly set
the comment directly -- adding something like that would be a distinct
feature, i think.

Regards,

        --dkg

Attachment: pgpR346a5iiPt.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux