authordjm <djm>2003-01-24 00:36:23 +0000
committerdjm <djm>2003-01-24 00:36:23 +0000
commitdcd8df5415c670ee79dade52a42095193102f4a2 (patch)
treef60ff0a09ea798d99db81f9ce9b3f3f1caa42204 /ssh-add.c
parentf7c5d1d1e94becde34c0da5554a11a3c4d0ce497 (diff)
downloadopenssh-dcd8df5415c670ee79dade52a42095193102f4a2.tar.gz
- markus@cvs.openbsd.org 2003/01/23 13:50:27
[authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c] ssh-add -c, prompt user for confirmation (using ssh-askpass) when private agent key is used; with djm@; test by dugsong@, djm@; ok deraadt@
Diffstat (limited to 'ssh-add.c')
-rw-r--r--ssh-add.c17
1 files changed, 14 insertions, 3 deletions
diff --git a/ssh-add.c b/ssh-add.c
index 4f4ab3a0..0c2ce163 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.64 2002/11/21 23:03:51 deraadt Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.65 2003/01/23 13:50:27 markus Exp $");
#include <openssl/evp.h>
@@ -70,6 +70,9 @@ static char *default_files[] = {
/* Default lifetime (0 == forever) */
static int lifetime = 0;
+/* User has to confirm key use */
+static int confirm = 0;
+
/* we keep a cache of one passphrases */
static char *pass = NULL;
static void
@@ -165,12 +168,16 @@ add_file(AuthenticationConnection *ac, const char *filename)
}
}
- if (ssh_add_identity_constrained(ac, private, comment, lifetime)) {
+ if (ssh_add_identity_constrained(ac, private, comment, lifetime,
+ confirm)) {
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
ret = 0;
if (lifetime != 0)
fprintf(stderr,
"Lifetime set to %d seconds\n", lifetime);
+ if (confirm != 0)
+ fprintf(stderr,
+ "The user has to confirm each use of the key\n");
} else if (ssh_add_identity(ac, private, comment)) {
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
ret = 0;
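Review bot: The unchanged fallback `} else if (ssh_add_identity(ac, private, comment)) {` directly after the new block still adds the key with neither `lifetime` nor `confirm`. If the constrained request fails (presumably, for example, against an agent that does not implement constraints), a key requested with `-c` is loaded without the confirmation requirement, and the user sees only the generic "Identity added" line. Because the confirmation is a protection the user asked for explicitly, the fallback should be skipped whenever a constraint was requested, e.g. `} else if (lifetime == 0 && confirm == 0 && ssh_add_identity(ac, private, comment)) {`. add_file's body starts and ends outside this hunk, so whether an error branch follows to report the failure is not visible here.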
@@ -292,6 +299,7 @@ usage(void)
fprintf(stderr, " -x Lock agent.\n");
fprintf(stderr, " -X Unlock agent.\n");
fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n");
+ fprintf(stderr, " -c Require confirmation to sign using identities\n");
#ifdef SMARTCARD
fprintf(stderr, " -s reader Add key in smartcard reader.\n");
fprintf(stderr, " -e reader Remove key in smartcard reader.\n");
@@ -319,7 +327,7 @@ main(int argc, char **argv)
fprintf(stderr, "Could not open a connection to your authentication agent.\n");
exit(2);
}
- while ((ch = getopt(argc, argv, "lLdDxXe:s:t:")) != -1) {
+ while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) {
switch (ch) {
case 'l':
case 'L':
@@ -333,6 +341,9 @@ main(int argc, char **argv)
ret = 1;
goto done;
break;
+ case 'c':
+ confirm = 1;
+ break;
case 'd':
deleting = 1;
break;