https://bugzilla.mindrot.org/show_bug.cgi?id=1980
--- Comment #11 from Philip Hands <[email protected]> --- (In reply to comment #10) > Thanks for making the changes - it's pretty close now. No problem. > A couple more comments: > > > 35 DEFAULT_PUB_ID_FILE=$(ls -t ${HOME}/.ssh/*.pub | grep -v -- > > '-cert.pub$' | head -n 1) > > Could you make this id*.pub? I worry about people accidentally > exporting special-use keys instead of the usual default auth keys by > mistake. Done. > > 67 GETOPT_PARSED=$(getopt --options 'i::p:nh?' --name "$0" --quiet -- "$@") > > Would it be possible to pass -o [arg] though to ssh? Quite a few > people have requested this over the years. I presume that will need to be properly quoted in order to be passed through, and that they may want to specify more than one -o option. That seems to mean that I'll have to do some sort of nasty quoting, and then eval the ssh command in order to unwrap the quoting, or am I making things more complicated than they need to be? > > 178 NetScreen*) > > 179 populate_new_ids 1 > > 180 for KEY in $(echo "$NEW_IDS"| cut -d' ' -f2) ; do > > I'd add: > > echo "$KEY" | grep -q ssh-dss || continue > > to skip non-DSA keys here if that's all the Netscreens support. Well, I've added a warning, and made the error messages a bit more useful (hopefully), but in effect -- Done. > I think populate_new_ids() might need a umask call too. Do you mean 0022 in case they have something silly set, or 0177 or some such for reasons of paranoia? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
