#2729 PR merged: also add ssh-add prog when ssh-agent is added

Labels: enhancement, fixed / solved / done

DEvil0000 opened issue at 2021-12-15 14:59:

  • Type: Bug Fix
  • Impact: Normal
  • How was this pull request tested?

not at all

  • Brief description of the changes in this pull request:

Since ssh-agent gets added it makes sense to add ssh-add as well.

jsmeix commented at 2021-12-16 08:46:

@rear/contributors
I am not at all a ssh expert so I would like to get a review
from someone who knows more about ssh-agent with and without ssh-add.

ssh-agent without ssh-add was added to PROGS via
https://github.com/rear/rear/commit/a08109ff9ecbc1e7bf530f5f35d0a35576837fb5
from https://github.com/rear/rear/pull/1513
that is based on https://github.com/rear/rear/pull/1500

So I think ssh-agent works even without ssh-add but according to
https://www.ssh.com/academy/ssh/add
ssh-add is needed for "Adding an Arbitrary Key"
so it seems ssh-add should be available by default in the recovery system
so that by default "Adding an Arbitrary Key" is possible.

According to
https://smallstep.com/blog/ssh-agent-explained/
"ssh-add -x" is needed "to reduce your risk when agent forwarding"
so it seems ssh-add should be available by default in the recovery system
so that it is by default possible "to reduce your risk when agent forwarding".

Adding ssh-add by default to the recovery system
increases the default recovery system size by about 500KB
because on my openSUSE Leap 15.3 system I get

# ls -lh /usr/bin/ssh-add
-rwxr-xr-x 1 root root 435K Nov 26 09:30 /usr/bin/ssh-add

linux-h9wr:~ # ldd /usr/bin/ssh-add
        linux-vdso.so.1 (0x00007ffc58bfe000)
        libcrypto.so.1.1 => /usr/lib64/libcrypto.so.1.1 (0x00007f7404a56000)
        libz.so.1 => /lib64/libz.so.1 (0x00007f740483f000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f740446a000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f7404266000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f7404046000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f74051aa000)

linux-h9wr:~ # ldd /usr/bin/ssh-agent 
        linux-vdso.so.1 (0x00007ffdd0df6000)
        libcrypto.so.1.1 => /usr/lib64/libcrypto.so.1.1 (0x00007f9679fb8000)
        libz.so.1 => /lib64/libz.so.1 (0x00007f9679da1000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f96799cc000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f96797c8000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f96795a8000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f967a709000)

so 435K for /usr/bin/ssh-add will be added
but no additional libraries will be added.


[Export of Github issue for rear/rear.]