Bug#1059639: please give possibility for custom ssh-agent parameters
On Fri, Dec 29, 2023 at 07:38:40PM +0100, Marc Haber wrote:
> /usr/lib/openssh/agent-launch starts ssh-agent with a standard set of
> parameters. I'd like to have -t 1200 added to that.
>
> Please consider adding a possibility to control the parameters that the
> ssh agent is being invoked, for example by having an override unit, or
> having /usr/lib/openssh/agent-launch read a user-specific configuration
> file.
My main concern is getting quoting right: ssh-agent does take some
options were quoting can be relevant, especially -P. IMO that rules out
approaches such as environment variables (well, it's not impossible, but
it'd be a likely source of bugs).
I think the simplest approach would be to allow invoking something like
"/usr/lib/openssh/agent-launch start -- -t 1200", and pass the extra
arguments on to ssh-agent. You could then write a drop-in unit like
this:
[Service]
ExecStart=
ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200
Would that be acceptable?
--
Colin Watson (he/him) [cjwatson@debian.org]
Reply to: