About OpenSSH and ...
Original is Japanese text.
Please forgive, even if a mistake occurs and the reply to an inquiry is slow.
- Can't forward agent with OpenSSH <--> SSH2
OpenSSH Between SSH2(thing after SSH Secure Shell Version 2) can't forward agent. (in Protocol 1, are possible)
Doesn't it become somehow?
By the reason for saying, it does by force. Agent forwarding is made to perform. patch was made.
draft-ietf-secsh-agent-02.txt(Internet Draft) correspondence version
Since it is only the portion currently written to Internet Draft, LICENSE is perhaps safely.
The patch only made socket for agent forwarding.
Forwarding becomes effective, if ssh(OpenSSH) and ssh-agent(OpenSSH) -- or -- ssh2 and ssh-agent2 is used.
Even if it seems that forwarding is not effective in the path, it is for agent forwarding,
If socket is made, it will not those with a problem.
(SSH_AUTH_SOCK and SSH2_AUTH_SOCK should just be set up.)
To SSH2 It can be made to perform agent forwarding. (only required function).
Please apply after patching
This time Since ssh-add2 is not Internet Draft conformity, it cannot perform a key addition.
(However, in ssh-add, it is possible.)
It is the present condition here, Since it corresponds to SSH2, there is the minimum addition.
(The portion of operation of Private Key corresponding to "hash-and-sign[pkcs1, sha1]" in ssh-agent.c.
However it is in Internet Draft, The same operation as "hash-and-sign".)
From ssh-agent2 to OpenSSH, It is made effective agent forwarding.
Please apply after patching
Also this Since ssh-agent2 is not Internet Draft conformity,
a key addition can't be performed in ssh-add (possible in ssh-add2).
openssh-5.4p1-fwd_agent-agent-0.81.patch.bz2 is simultaneously applicable.
The test version
With moreover, ssh-keygen in OpenSSH, It sets to conversion of SSH2 Private Key,
and is SSH2 Private Key. passphrase It can treat, even if it attaches.
To draft-ietf-secsh-agent-02.txt(Internet Draft) Correspondence.
Addition of the key of draft-ietf-secsh-agent-02.txt specification test Unknown in whether it uses or not,
since it has not done.
Since draft-ietf-secsh-agent-02.txt came out, the problem for having analyzed SSH2 may be lost.
(draft-ietf-secsh-agent-02.txt deleted in Internet Draft?)
However, ssh.com ssh-220.127.116.11 The specifications of addition of draft-ietf-secsh-agent-02.txt and a key differ.
For compatibility, an analysis result may still be necessity.
Support New private key format for ssh-keygen2 of new version.
Use when displayed
bad magic 0x3082**** != 0x3f6ff9eb
Be careful for law compatibility before
decode blob failed.
- A key is deleted from agent by fingerprint
The option which deletes a key from agent by fingerprint is attached.
If original ssh-add doesn't have a public key file, A key cannot be deleted from agent.
Even if there is no public key file I think with convenient that a key can be deleted from agent.
(I think that there is no opportunity to be helpful so much.)
Example: login remote host by ssh, a key is added at the point carried out.
Although carried out logout When you want to delete the key, etc...
Usage is 'ssh-add -r fingerprint'.
- With OpenSSH --> SSH2, A possibility that it can't use scp
The remote side If only SSH2 Only is installed,
% scp foo bar:
It suits and can't use scp.
scp: warning: Executing scp1 compatibility.
scp: FATAL: Executing ssh1 in compatibility mode failed (Check that scp1 is in your PATH).
In this case, if it is from the SSH2 side, scp It can do.
Install scp1 at remote side, or use sftp or use scp at remote side.
This patch is 'scp with sftp protocol'.
With Option -L [!]host[,...], use sftp protocol without '!' or use scp protocol with '!'
This Option can set by an environment variable. It can also be set as SCP_USE_SFTP_HOSTS.
Moreover, those who will use sftp protocol if '-s' is attached, it is made default.
However, when sftp protocol is used, zone restrictions of -l option lose their effect.
Since fault may remain, in case you use it, be careful.
- OpenSSH --> SSH2 Private Key converter
Patch for Private Key converter from OpenSSH Private Key to SSH2 Private Key with ssh-keygen
It is a by-product at the time of making patch for the test version agent forwarding.
usage -- ssh-keygen -z [-f keyfile]
After conversion SSH2 Private Key without passphrase is written out to standard output.
OpenBSD version (Thanks to Ralph Gessner)
and new version
if you treat Private Key with passphrase or new format of Private Key,
please try use ssh-keygen including testing version of forward agent.
ssh2 Private Key that can't be convert by original ssh-keygen, is made.
- sftp completion patch
Patch for completion command line in sftp(OLD)
Please execute configure with option '--with-libedit' and '--with-libedit-sftp-completion'.
This patch defined completion function (and default key assignment) for '.editrc'
complete(tab), possible-completions(M-?), delete-char-or-list-or-eof(^d), delete-char-or-list,
complete-local-filename(M-/), possible-local-filename-completions(^x /), complete-remote-filename(M-\) and
('M-[3~' assigned em-delete-or-list for internal use, so that redefine carefully.)
- Simple lock tool for ssh-agent
Simple lock tool for ssh-agent with xlock.
- subversion Repository
Last Modified Monday, 22-Mar-2010 23:40:00 JST