-.\" $OpenBSD: ssh-agent.1,v 1.31 2002/02/04 20:41:16 stevesk Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.32 2002/06/05 16:08:07 markus Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.Nd authentication agent
.Sh SYNOPSIS
.Nm ssh-agent
+.Op Fl a Ar bind_address
.Op Fl c Li | Fl s
.Op Fl d
.Op Ar command Op Ar args ...
.Pp
The options are as follows:
.Bl -tag -width Ds
+.It Fl a Ar bind_address
+Bind the agent to the unix-domain socket
+.Ar bind_address .
+The default is
+.Pa /tmp/ssh-XXXXXXXX/agent.<pid> .
.It Fl c
Generate C-shell commands on
.Dv stdout .
This way, private keys are not exposed to clients using the agent.
.Pp
A unix-domain socket is created
-.Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> ,
and the name of this socket is stored in the
.Ev SSH_AUTH_SOCK
environment
#include "includes.h"
#include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.85 2002/04/02 11:49:39 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
fprintf(stderr, " -s Generate Bourne shell commands on stdout.\n");
fprintf(stderr, " -k Kill the current agent.\n");
fprintf(stderr, " -d Debug mode.\n");
+ fprintf(stderr, " -a socket Bind agent socket to given name.\n");
exit(1);
}
#endif
pid_t pid;
char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
+ char *agentsocket = NULL;
extern int optind;
fd_set *readsetp = NULL, *writesetp = NULL;
seed_rng();
#ifdef __GNU_LIBRARY__
- while ((ch = getopt(ac, av, "+cdks")) != -1) {
+ while ((ch = getopt(ac, av, "+cdksa:")) != -1) {
#else /* __GNU_LIBRARY__ */
- while ((ch = getopt(ac, av, "cdks")) != -1) {
+ while ((ch = getopt(ac, av, "cdksa:")) != -1) {
#endif /* __GNU_LIBRARY__ */
switch (ch) {
case 'c':
usage();
d_flag++;
break;
+ case 'a':
+ agentsocket = optarg;
+ break;
default:
usage();
}
}
parent_pid = getpid();
- /* Create private directory for agent socket */
- strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
- if (mkdtemp(socket_dir) == NULL) {
- perror("mkdtemp: private socket dir");
- exit(1);
+ if (agentsocket == NULL) {
+ /* Create private directory for agent socket */
+ strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
+ if (mkdtemp(socket_dir) == NULL) {
+ perror("mkdtemp: private socket dir");
+ exit(1);
+ }
+ snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
+ parent_pid);
+ } else {
+ /* Try to use specified agent socket */
+ socket_dir[0] = '\0';
+ strlcpy(socket_name, agentsocket, sizeof socket_name);
}
- snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
- parent_pid);
/*
* Create socket early so it will exist before command gets run from