Hacker News new | ask | show | jobs
by chasil 1099 days ago
I am on OpenBSD 7.2, and I see:

  $ eval $(ssh-agent)
  Agent pid 56785

  $ ssh-agent -k
  unset SSH_AUTH_SOCK;
  unset SSH_AGENT_PID;
  echo Agent pid 56785 killed;
The correct processing of that output requires an eval.

Did you have any other questions?
1 comments
pmarreck 1099 days ago
Why do you need to eval it?

$(ssh-agent)

won’t substitute that with the stdout and run that?

link
chasil 1099 days ago
Because the intended use for "ssh-agent -k" is for eval.

While redirecting to /dev/null will certainly work, the agent is holding sensitive credentials (by design), and confirmation of shutdown has a tangible security benefit.

link