Hi all,
After a discussion at work, I started looking at enabling confirmation
before authentication through ssh-agent by default. When logging in
through xdm, the default Xsession runs `ssh-add < /dev/null` (see line
36 in /etc/X11/xdm/Xsession). My keys are loaded and I can log in to
remote hosts. On some machines, I skip loading the keys or unload
them after logging in and then load or re-add them using ssh-add -c,
so I am asked for confirmation every time the agent is used.
However, I would like this to be the default on my machines. Is there
an easy way to achieve this without carrying a local diff? I checked
the ssh-keygen manpage to see if there are any key-options that force
this, but couldn't find anything (the options are generally to limit
what happens on the remote end). ssh-add allows for it (obviously),
but then you need a change to the command line, and that's in a system
file: I don't want to propose that as a diff, as I don't think this
makes sense in all cases (I have other machines where I wouldn't want
this to happen by default).
How are others doing this?
Thanks,
Paul
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
