bugzilla-daemon at mindrot.org
2014-Mar-24 15:30 UTC
[Bug 2216] New: allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 Bug ID: 2216 Summary: allow forwarding a different socket than SSH_AUTH_SOCK Product: Portable OpenSSH Version: 6.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: chrysn at fsfe.org when a user has different ssh agents running, or is using ssh-agent-filter[1], it is desirable to use one ssh agent for authenticating against the remote server, but to forward another one. ssh could have a `ForwardAgentSocket` option, which specifies a different socket, and defaults to `${SSH_AUTH_SOCK}`. whether it's feasible to evaluate variables in that option (so a user could put `Host * / ForwardAgentSocket ${SSH_AUTH_SOCK_ONLYGITKEYS}` in a git config) is up to the way the config file is handled. the option should be accepted by `-o` too. together with ssh-agent-filter, or by running separate agents for work and linux, this would solve the bug #1937 without further workarounds. [1] https://github.com/tiwe-de/ssh-agent-filter -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Aug-20 14:05 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 --- Comment #1 from chrysn at fsfe.org --- given that forwarding generic unix sockets is possible since 6.7, this can *almost* be done by hand yet. what is missing is the possibility to determine a writable location on the remote server (as $HOME can not be expanded beforehand), and a way of setting that writable location as an environment variable. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-08 02:31 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 daniel.black at au.ibm.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |daniel.black at au.ibm.com --- Comment #2 from daniel.black at au.ibm.com --- Does IdentityAgent support this requirement along with port forwarding now? -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-08 09:59 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 --- Comment #3 from chrysn at fsfe.org --- Not as far as I can tell from the documentation. IdentityAgent still does not allow a distinction between the agent that is used for authentication and the agent that is forwarded. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-08 22:46 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 --- Comment #4 from Daniel Black <daniel at linux.vnet.ibm.com> --- Apologies, missed that distinction. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Nov-22 13:19 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 Jasper Wallace <jasper at arcolaenergy.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jasper at arcolaenergy.com See Also| |https://bugzilla.mindrot.or | |g/show_bug.cgi?id=1937 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Dec-20 22:36 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 Andr?s Korn <korn-mindrot.org at elan.rulez.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |korn-mindrot.org at elan.rulez | |.org --- Comment #5 from Andr?s Korn <korn-mindrot.org at elan.rulez.org> --- *** Bug 3106 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Dec-21 02:45 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED CC| |djm at mindrot.org Blocks| |3079 Status|NEW |RESOLVED --- Comment #6 from Damien Miller <djm at mindrot.org> --- This has been implemented and will be in the openssh-8.2 release: commit 40be78f503277bd91c958fa25ea9ef918a2ffd3d Author: djm at openbsd.org <djm at openbsd.org> Date: Sat Dec 21 02:19:13 2019 +0000 upstream: Allow forwarding a different agent socket to the path specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to accepting an explicit path or the name of an environment variable in addition to yes/no. Patch by Eric Chiang, manpage by me; ok markus@ OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=3079 [Bug 3079] Tracking bug for 8.2 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:57 UTC
[Bug 2216] allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #7 from Damien Miller <djm at mindrot.org> --- closing resolved bugs as of 8.6p1 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
Seemingly Similar Threads
- [Bug 2217] New: allow using _ssh._tcp SRV records
- [Bug 14529] New: Please add option to save metadata to single file to speed up backups
- [Bug 3079] New: Tracking bug for 8.2 release
- [Bug 2016] SCTP Support
- [Bug 3048] New: ssh reads from the wrong directory in user namespace