diff options
| author |   djm <djm@openbsd.org> | 2009-08-27 17:44:52 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2009-08-27 17:44:52 +0000 |
| commit | 5d5698f1231e93a6acbeadd6df1f2219b84e049e (patch) | |
| tree | febc685cea04c719b4695e9dd659577929bb90a2 /usr.bin/ssh/ssh-add.c | |
| parent | allow setting an explicit umask on the commandline to override whatever (diff) | |
| download | wireguard-openbsd-5d5698f1231e93a6acbeadd6df1f2219b84e049e.tar.xz wireguard-openbsd-5d5698f1231e93a6acbeadd6df1f2219b84e049e.zip | |
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
Diffstat (limited to 'usr.bin/ssh/ssh-add.c')
| -rw-r--r-- | usr.bin/ssh/ssh-add.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index 07bc23f7a9d..93ea32d9a79 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.90 2007/09/09 11:38:01 sobrado Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.91 2009/08/27 17:44:52 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -191,9 +191,6 @@ add_file(AuthenticationConnection *ac, const char *filename) if (confirm != 0) fprintf(stderr, "The user has to confirm each use of the key\n"); - } else if (ssh_add_identity(ac, private, comment)) { - fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); - ret = 0; } else { fprintf(stderr, "Could not add identity: %s\n", filename); } |