From owner-freebsd-stable Fri Mar 2 9:39:15 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by hub.freebsd.org (Postfix) with ESMTP id 0B44537B71A for ; Fri, 2 Mar 2001 09:39:10 -0800 (PST) (envelope-from faber@lunabase.org) Received: from lunabase.org ([63.200.244.106]) by mta5.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0G9K00184ZB0DB@mta5.snfc21.pbi.net> for freebsd-stable@freebsd.org; Fri, 2 Mar 2001 09:33:08 -0800 (PST) Received: from praxis.lunabase.org (praxis.lunabase.org [63.200.244.110]) by lunabase.org (8.11.2/8.11.1) with ESMTP id f22HTth76378 for ; Fri, 02 Mar 2001 09:29:55 -0800 (PST envelope-from faber@lunabase.org) Received: (from faber@localhost) by praxis.lunabase.org (8.11.2/8.11.0) id f22HUEo01186 for freebsd-stable@freebsd.org; Fri, 02 Mar 2001 09:30:14 -0800 (PST envelope-from faber) X-URL: http://www.isi.edu/~faber Date: Fri, 02 Mar 2001 09:30:08 -0800 From: Ted Faber Subject: openssh, protocol 2, and agent forwarding To: freebsd-stable@freebsd.org Message-id: <20010302093008.A1145@praxis.lunabase.org> MIME-version: 1.0 Content-type: multipart/signed; micalg=php-sha1; protocol="application/pgp-signature"; boundary="gKMricLos+KVdGMg" Content-disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --gKMricLos+KVdGMg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline When running openssh from 4.2-STABLE, I can't seem to get agent forwarding to work with protocol 2 (-o 'Protocol 2'). If this is intentional, can we get that added to the manual page? (The same config forweards agent information under protocol 1, so I think my configuration is good.) If not, I looked at the code, and it seems like the protocol 2 establishment path just doesn't seem to have code that requests the agent forwarding. (It may not have code to do it, either, I didn't check.) It looks like p2 requests go through client_init() and that code, unlike ssh_session() doesn't request the forwarding. Relevant lines of code are 827-845 in ssh_session() which look like they should be replicated and slightly modified at around 854 in client_init(). I didn't go much further than that, because I don't deeply grok ssh, and I didn't want to introduce security bugs, and I didn't have time to try to implement all of agent forwarding if it was left out on purpose. Anyone have some information for me? Thanks. --gKMricLos+KVdGMg Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6n9igaUz3f+Zf+XsRAu9gAKDZ7bem4fR+btqQ4Iq74GJuqo873QCdHum9 LKt803atNKvEksQdmda8W1g= =HRX6 -----END PGP SIGNATURE----- --gKMricLos+KVdGMg-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message