aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile4
-rw-r--r--ssh-agent-filter.C14
-rw-r--r--ssh-agent-filter.help2man12
3 files changed, 24 insertions, 6 deletions
diff --git a/Makefile b/Makefile
index a0dd007..e655ff1 100644
--- a/Makefile
+++ b/Makefile
@@ -27,8 +27,8 @@ all: ssh-agent-filter.1 afssh.1 ssh-askpass-noinput.1
%.1: %.1.md
pandoc -s -w man $< -o $@
-ssh-agent-filter.1: ssh-agent-filter
- help2man -n $< -o $@ -N ./$<
+%.1: %.help2man %
+ help2man -i $< -o $@ -N -L C.UTF-8 $(*D)/$(*F)
ssh-agent-filter: ssh-agent-filter.o
diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 30aaf9a..0fb6861 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -192,7 +192,7 @@ int make_listen_sock () {
}
void parse_cmdline (int const argc, char const * const * const argv) {
- po::options_description opts{"OPTIONS"};
+ po::options_description opts{"Options"};
opts.add_options()
("all-confirmed,A", po::bool_switch(&all_confirmed),"allow all other keys with confirmation")
("comment,c", po::value(&allowed_comment), "key specified by comment")
@@ -211,13 +211,19 @@ void parse_cmdline (int const argc, char const * const * const argv) {
notify(config);
if (config.count("help")) {
- cout << "Usage: ssh-agent-filter [ OPTIONS ]" << endl;
- cout << opts << endl;
+ cout << "Usage: ssh-agent-filter [ OPTIONS ]\n";
+ cout << opts;
+ cout << "Environment:\n";
+ cout << " SSH_AUTH_SOCK socket of upstream ssh-agent\n";
+ cout << " SSH_ASKPASS command to run for confirmation questions\n";
exit(EX_OK);
}
if (config.count("version")) {
- cout << SSH_AGENT_FILTER_VERSION << endl;
+ cout << SSH_AGENT_FILTER_VERSION "\n";
+ cout << "Written by Timo Weingärtner.\n";
+ cout << "Report bugs to the Debian BTS at https://bugs.debian.org/\n";
+ cout << "or by mail to timo@tiwe.de.\n";
exit(EX_OK);
}
diff --git a/ssh-agent-filter.help2man b/ssh-agent-filter.help2man
new file mode 100644
index 0000000..e546c9e
--- /dev/null
+++ b/ssh-agent-filter.help2man
@@ -0,0 +1,12 @@
+[NAME]
+ssh\-agent\-filter \- filtering proxy for ssh\-agent meant to be forwarded to untrusted servers
+[DESCRIPTION]
+ssh\-agent\-filter provides the unix domain socket interface of an ssh\-agent.
+By default it forks and outputs shell code setting SSH_AUTH_SOCK and SSH_AGENT_PID, just like ssh\-agent does.
+
+It filters each request according to its command line options.
+No crypto operations are done by ssh\-agent\-filter; they are delegated to the upstream ssh\-agent.
+
+ssh\-agent\-filter is not meant to be used directly, but through afssh.
+[SEE ALSO]
+afssh(1), ssh(1), ssh\-agent(1)