Hi OpenSSH folks--
as of version 6.7 (the first version i noticed this in), it looks to me
like adding ssh keys to ssh-agent marks them all as "rsa w/o comment",
instead of putting the filename as the comment.
This appears to be because of the key function overhaul in
8668706d0f52654fe64c0ca41a96113aeab8d2b8.
ssh-add.c loads the secret keys via library-like invocations of
functions in sshkey.c, and if the comment returned is NULL, it sets the
comment to be the filename.
But in practice, these functions now return "rsa w/o comment" as the
comment, so the filename never gets applied as a comment.
Possible ways to fix:
* One fix would be to have the functions return a NULL for the comment.
* Another fix would be to have ssh-add just override the comment
explicitly.
* A third fix would be to pass a "proposed comment" into the
library-like call, which could be overridden by future versions if
they're aware of a superior comment after having parsed the key.
I also note that there is no way for a user of ssh-add to explicitly set
the comment directly -- adding something like that would be a distinct
feature, i think.
Regards,
--dkg
Attachment:
pgpR346a5iiPt.pgp
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
