-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssh-agent: remove all keys upon SIGUSR1.. #297
base: master
Are you sure you want to change the base?
Conversation
Ah. Merde! Sorry, i thought "mergeable" meant the pull request! |
..and one more sorry, this was not meant to be closed. I might become a github expert. |
This looks good to me and the better signal handling could allow us to make Would appreciate @daztucker taking a look at this too |
(It is all taken from sshd.c of course. Only to mention it. I .. do not implement this cleanup like it is done in sshd.c in this context here now!?!) |
5379896
to
0da49a8
Compare
But surely not because of this changeset, no? |
0da49a8
to
762b6c4
Compare
65c2811
to
1390b23
Compare
(i do not understand this CI-fuzz github thing which fails in one out of dozens of things. this should have nothing to do with the little patch, i would think.) |
With the advent of per-user temporary directories it became hard for an administrator to remove all keys from all running ssh-agent instances; what formerly could be done like so if command -v ssh-add >/dev/null 2>&1; then for a in /tmp/ssh-*/agent.*; do [ -e "$a" ] || continue act "SSH_AUTH_SOCK=\"$a\" ssh-add -D </dev/null >/dev/null 2>&1 &" inc done fi has become a major undertaking, especially with even more containerization. Being able to remove all keys from all agents with a single command seems so desirable that it is available in other agents in the software world.
Interestingly "the ppoll part has just recently been committed" almost as stated here. |
P.S.: "you would have had it 22 months ago": within less than 30 seconds. |
With the advent of per-user temporary directories it became
hard for an administrator to remove all keys from all running
ssh-agent instances; what formerly could be done like so
if command -v ssh-add >/dev/null 2>&1; then
for a in /tmp/ssh-/agent.; do
[ -e "$a" ] || continue
act "SSH_AUTH_SOCK="$a" ssh-add -D </dev/null >/dev/null 2>&1 &"
inc
done
fi
has become a major undertaking, especially with even more
containerization. Being able to remove all keys from all agents
with a single command seems so desirable that it is available in
other agents in the software world.