[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1059639: please give possibility for custom ssh-agent parameters

On Fri, Dec 29, 2023 at 07:38:40PM +0100, Marc Haber wrote:
> /usr/lib/openssh/agent-launch starts ssh-agent with a standard set of
> parameters. I'd like to have -t 1200 added to that.
> 
> Please consider adding a possibility to control the parameters that the
> ssh agent is being invoked, for example by having an override unit, or
> having /usr/lib/openssh/agent-launch read a user-specific configuration
> file.

My main concern is getting quoting right: ssh-agent does take some
options were quoting can be relevant, especially -P.  IMO that rules out
approaches such as environment variables (well, it's not impossible, but
it'd be a likely source of bugs).

I think the simplest approach would be to allow invoking something like
"/usr/lib/openssh/agent-launch start -- -t 1200", and pass the extra
arguments on to ssh-agent.  You could then write a drop-in unit like
this:

  [Service]
  ExecStart=
  ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200

Would that be acceptable?

-- 
Colin Watson (he/him)                              [cjwatson@debian.org]
Reply to: