Displaying 16 results from an estimated 16 matches for "identityag".
Did you mean:
identity
2024 Jan 03
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
...or my set-up. I thought I'd
> tried unsetting SSH_AUTH_SOCK before but obviously I hadn't, I guess
> the need to specify the key file is a result of not having that but
> it's not a problem for me really.
You might like to try something like this in .ssh/config
Host backup
IdentityAgent none
IdentityFile ~/backup_id_rsa
2014 Mar 24
8
[Bug 2216] New: allow forwarding a different socket than SSH_AUTH_SOCK
https://bugzilla.mindrot.org/show_bug.cgi?id=2216
Bug ID: 2216
Summary: allow forwarding a different socket than SSH_AUTH_SOCK
Product: Portable OpenSSH
Version: 6.5p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs
2024 Jan 02
1
How to get "Enter passphrase" on command line rather than GUI pop-up?
>
> There must be *something* in the environment that affects this because
> I'm seeing two different ways of asking for the passphrase on the same
> screen. The only difference is that one is a simple terminal window
> running on my system and the other is one where I have used ssh to
> connect to a remote system and then ssh again back to the 'home'
> system.
2024 Jan 10
0
[Bug 3652] New: KnownHostsCommand should expand tokens and environment variables on first argument
...accept the tokens described in the ?TOKENS? section.
> Arguments to some keywords can be expanded at runtime from environment variables on the client by enclosing them in ${}, for example ${HOME}/.ssh would refer to the user's .ssh directory. [...] The keywords CertificateFile, ControlPath, IdentityAgent, IdentityFile, KnownHostsCommand, and UserKnownHostsFile support environment variables.
In the implementation[1] the first argument (script or binary to be
invoked) is excluded from being parsed. While the documentation quoted
above can be interpreted such that this is the intended behaviour, t...
2023 Mar 06
1
Feature request: a good way to supply short-lived certificates to openssh
...e command, they fail to authenticate and have to do it manually.
ssh_config contains a Match ... exec [command to refresh the certificate]. This sort of works, except that it runs the command far too frequently. For example, ssh -O exit [name] refreshes the certificate, and it should not do so.
IdentityAgent could point to a custom agent. This would be more useful if ssh could _start_ the agent. In any case, this requires an agent, which is more complex than a tool that refreshes a certificate.
PKCS11Provider doesn't seem useful.
ProxyCommand could specify a command that refreshes the certif...
2018 Mar 20
4
Informing the SSH agent of the target user@server
...nt.
If this sounds like a good idea I'd be happy to give implementing it in
OpenSSH a go and submit a patch. I want to get a feeling for whether any
of this sounds like a workable plan before I do that.
Hacky approaches that would not require changes to the ssh client
include using setting IdentityAgent to <path>/%u@%h:%p where <path> is a
virtual filesystem that materializes sockets as required; using
LD_PRELOAD to hook the agent socket and inject the appropriate info;
setting ProxyCommand to something that informs the agent ahead of time;
or just wrapping ssh in something that...
2018 Oct 19
0
Announce: OpenSSH 7.9 released
...and CA key
fingerprint).
Changes since OpenSSH 7.8
=========================
This is primarily a bugfix release.
New Features
------------
* ssh(1), sshd(8): allow most port numbers to be specified using
service names from getservbyname(3) (typically /etc/services).
* ssh(1): allow the IdentityAgent configuration directive to accept
environment variable names. This supports the use of multiple
agent sockets without needing to use fixed paths.
* sshd(8): support signalling sessions via the SSH protocol.
A limited subset of signals is supported and only for login or
command sess...
2023 Mar 06
3
Feature request: a good way to supply short-lived certificates to openssh
On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote:
[...]
> ssh_config contains a Match ... exec [command to refresh the certificate]. This sort of works,
> except that it runs the command far too frequently. For example, ssh -O exit [name] refreshes
> the certificate, and it should not do so.
You can have the command check if the cert is expired or near
2020 Mar 26
6
[Bug 3140] New: support a token for XDG_RUNTIME_DIR
https://bugzilla.mindrot.org/show_bug.cgi?id=3140
Bug ID: 3140
Summary: support a token for XDG_RUNTIME_DIR
Product: Portable OpenSSH
Version: 8.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2016 Aug 01
0
Announce: OpenSSH 7.3 released
...ar environment variables set via PAM. CVE-2015-8325,
found by Shayan Sadigh.
New Features
------------
* ssh(1): Add a ProxyJump option and corresponding -J command-line
flag to allow simplified indirection through a one or more SSH
bastions or "jump hosts".
* ssh(1): Add an IdentityAgent option to allow specifying specific
agent sockets instead of accepting one from the environment.
* ssh(1): Allow ExitOnForwardFailure and ClearAllForwardings to be
optionally overridden when using ssh -W. bz#2577
* ssh(1), sshd(8): Implement support for the IUTF8 terminal mode as...
2016 Jul 22
18
Call for testing: OpenSSH 7.3
...ar environment variables set via PAM. CVE-2015-8325,
found by Shayan Sadigh.
New Features
------------
* ssh(1): Add a ProxyJump option and corresponding -J command-line
flag to allow simplified indirection through a one or more SSH
bastions or "jump hosts".
* ssh(1): Add an IdentityAgent option to allow specifying specific
agent sockets instead of accepting one from the environment.
* ssh(1): Allow ExitOnForwardFailure and ClearAllForwardings to be
optionally overridden when using ssh -W. bz#2577
* ssh(1), sshd(8): Implement support for the IUTF8 terminal mode as...
2023 May 14
18
[Bug 3572] New: ssh-agent refused operation when using FIDO2 with -O verify-required
https://bugzilla.mindrot.org/show_bug.cgi?id=3572
Bug ID: 3572
Summary: ssh-agent refused operation when using FIDO2 with -O
verify-required
Product: Portable OpenSSH
Version: 9.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component:
2020 Oct 04
6
ability to select which identity to forward when using "ForwardAgent" ?
Hi,
I usually have around 10 identities loaded in my local ssh-agent and when I
use the "ForwardAgent" option all them are forwarded to the remote server,
which is not ideal. I usually only need to forward one (or two) of the
identities and I would like to be able to choose which one(s) to forward.
Looking for solutions it seems that the only option is to create a new
ssh-agent, add
2020 Sep 27
0
Announce: OpenSSH 8.4 released
...for using FIDO keys in web
browsers. These signatures are a slightly different format to plain
FIDO signatures and thus require explicit support.
* ssh(1): allow some keywords to expand shell-style ${ENV}
environment variables. The supported keywords are CertificateFile,
ControlPath, IdentityAgent and IdentityFile, plus LocalForward and
RemoteForward when used for Unix domain socket paths. bz#3140
* ssh(1), ssh-agent(1): allow some additional control over the use of
ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
including forcibly enabling and disabling its us...
2020 Sep 20
13
Call for testing: OpenSSH 8.4
...for using FIDO keys in web
browsers. These signatures are a slightly different format to plain
FIDO signatures and thus require explicit support.
* ssh(1): allow some keywords to expand shell-style ${ENV}
environment variables. The supported keywords are CertificateFile,
ControlPath, IdentityAgent and IdentityFile, plus LocalForward and
RemoteForward when used for Unix domain socket paths. bz#3140
* ssh(1), ssh-agent(1): allow some additional control over the use of
ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
including forcibly enabling and disabling its us...
2018 Oct 11
13
Call for testing: OpenSSH 7.9
...and CA key
fingerprint).
Changes since OpenSSH 7.8
=========================
This is primarily a bugfix release.
New Features
------------
* ssh(1), sshd(8): allow most port numbers to be specified using
service names from getservbyname(3) (typically /etc/services).
* ssh(1): allow the IdentityAgent configuration directive to accept
environment variable names. This supports the use of multiple
agent sockets without needing to use fixed paths.
* sshd(8): support signalling sessions via the SSH protocol.
A limited subset of signals is supported and only for login or
command sess...