forwardagent defaults to no, add ssh -A

3 files changed, 15 insertions, 7 deletions

diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 74570db316a..15b8e6e1711 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: readconf.c,v 1.32 2000/05/22 18:42:01 markus Exp $");
+RCSID("$Id: readconf.c,v 1.33 2000/05/29 20:20:46 markus Exp $");
 
 #include "ssh.h"
 #include "cipher.h"
@@ -697,7 +697,7 @@ void
 fill_default_options(Options * options)
 {
 	if (options->forward_agent == -1)
-		options->forward_agent = 1;
+		options->forward_agent = 0;
 	if (options->forward_x11 == -1)
 		options->forward_x11 = 0;
 	if (options->gateway_ports == -1)
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index c55587ce858..d069ce18184 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: ssh.1,v 1.53 2000/05/15 06:54:03 markus Exp $
+.\" $Id: ssh.1,v 1.54 2000/05/29 20:20:46 markus Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSH 1
@@ -24,7 +24,7 @@
 .Op Ar command
 .Pp
 .Nm ssh
-.Op Fl afgknqtvxCNPTX246
+.Op Fl afgknqtvxACNPTX246
 .Op Fl c Ar cipher_spec
 .Op Fl e Ar escape_char
 .Op Fl i Ar identity_file
@@ -332,7 +332,9 @@ host key is not known or has changed.
 .Bl -tag -width Ds
 .It Fl a
 Disables forwarding of the authentication agent connection.
-This may also be specified on a per-host basis in the configuration file.
+.It Fl A
+Enables forwarding of the authentication agent connection.
+This can also be specified on a per-host basis in a configuration file.
 .It Fl c Ar blowfish|3des
 Selects the cipher to use for encrypting the session.
 .Ar 3des
@@ -460,9 +462,9 @@ The verbose mode is also used to display
 challenges, if the user entered "s/key" as password.
 .It Fl x
 Disables X11 forwarding.
-This can also be specified on a per-host basis in a configuration file.
 .It Fl X
 Enables X11 forwarding.
+This can also be specified on a per-host basis in a configuration file.
 .It Fl C
 Requests compression of all data (including stdin, stdout, stderr, and
 data for forwarded X11 and TCP/IP connections).
@@ -671,6 +673,8 @@ The argument must be
 .Dq yes
 or
 .Dq no .
+The default is
+.Dq no .
 .It Cm ForwardX11
 Specifies whether X11 connections will be automatically redirected
 over the secure channel and
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index a250b858bde..e4d1f09a452 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -11,7 +11,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: ssh.c,v 1.52 2000/05/15 06:52:55 markus Exp $");
+RCSID("$Id: ssh.c,v 1.53 2000/05/29 20:20:46 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@@ -108,6 +108,7 @@ usage()
 	fprintf(stderr, "Options:\n");
 	fprintf(stderr, "  -l user     Log in using this user name.\n");
 	fprintf(stderr, "  -n          Redirect input from /dev/null.\n");
+	fprintf(stderr, "  -A          Enable authentication agent forwarding.\n");
 	fprintf(stderr, "  -a          Disable authentication agent forwarding.\n");
 #ifdef AFS
 	fprintf(stderr, "  -k          Disable Kerberos ticket and AFS token forwarding.\n");
@@ -307,6 +308,9 @@ main(int ac, char **av)
 		case 'a':
 			options.forward_agent = 0;
 			break;
+		case 'A':
+			options.forward_agent = 1;
+			break;
 #ifdef AFS
 		case 'k':
 			options.kerberos_tgt_passing = 0;