Bug#1059639: please give possibility for custom ssh-agent parameters
On Sat, Dec 30, 2023 at 06:01:35PM +, Colin Watson wrote: > I think the simplest approach would be to allow invoking something like > "/usr/lib/openssh/agent-launch start -- -t 1200", and pass the extra > arguments on to ssh-agent. You could then write a drop-in unit like > this: > > [Service] > ExecStart= > ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200 > > Would that be acceptable? Yes, that is absolutely fine. Thank you. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#1059639: please give possibility for custom ssh-agent parameters
On Fri, Dec 29, 2023 at 07:38:40PM +0100, Marc Haber wrote: > /usr/lib/openssh/agent-launch starts ssh-agent with a standard set of > parameters. I'd like to have -t 1200 added to that. > > Please consider adding a possibility to control the parameters that the > ssh agent is being invoked, for example by having an override unit, or > having /usr/lib/openssh/agent-launch read a user-specific configuration > file. My main concern is getting quoting right: ssh-agent does take some options were quoting can be relevant, especially -P. IMO that rules out approaches such as environment variables (well, it's not impossible, but it'd be a likely source of bugs). I think the simplest approach would be to allow invoking something like "/usr/lib/openssh/agent-launch start -- -t 1200", and pass the extra arguments on to ssh-agent. You could then write a drop-in unit like this: [Service] ExecStart= ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200 Would that be acceptable? -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#1059639: please give possibility for custom ssh-agent parameters
Package: openssh-client Version: 1:9.6p1-2 Severity: wishlist Hi, /usr/lib/openssh/agent-launch starts ssh-agent with a standard set of parameters. I'd like to have -t 1200 added to that. Please consider adding a possibility to control the parameters that the ssh agent is being invoked, for example by having an override unit, or having /usr/lib/openssh/agent-launch read a user-specific configuration file. Greetings Marc -- System Information: Debian Release: trixie/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.6.8-amd64 (SMP w/12 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-client depends on: ii adduser 3.137 ii libc6 2.37-13 ii libedit2 3.1-20230828-1 ii libfido2-11.14.0-1 ii libgssapi-krb5-2 1.20.1-5 ii libselinux1 3.5-1+b1 ii libssl3 3.1.4-2 ii passwd1:4.13+dfsg1-3 ii zlib1g1:1.3.dfsg-3 Versions of packages openssh-client recommends: ii xauth 1:1.1.2-1 Versions of packages openssh-client suggests: pn keychain ii ksshaskpass [ssh-askpass] 4:5.27.9-1 pn libpam-ssh pn monkeysphere -- no debconf information