#61079 Would like slogin/ssh to *add* identity if agent is present.

Package:
openssh-client
Source:
openssh
Description:
secure shell (SSH) client, for secure access to remote machines
Submitter:
The Doctor What
Date:
2023-02-08 15:12:05 UTC
Severity:
wishlist
Tags:
#61079#5
Date:
2000-03-25 06:57:14 UTC
From:
To:
I submitted a simpler one (don't have a report number yet), for ssh-add.
This is the tough one:
It would be nice, if a switch were added (say -add) to ssh and slogin that
they would automatically do an 'ssh-add' for an identity if ssh-agent was
running (as opposed to just using the password once and throwing it away).

I'm not sure of the security implications, though.  But it seems an "obvious
and useful feature", from a clueless person's point of view.

Ciao!

#61079#10
Date:
2002-09-26 09:37:11 UTC
From:
To:
Yo!

I was about to submit this as a wishlist item - it really seems natural.
Security implications:
 - ssh-agent has implications, but I don't think this feature would add
	new issues.
 - it should, of course, not be default behaviour to add ids to the
	agent (although I should be able to do so in my .ssh/config)
 - If 81182 (expiration of ids) should be realized, too, some of the
	issues would be addressed.

There's precedent, too: afaik gpg and gpg-agent will also auto-add
secret keys. sudo does expire a 'stored password'.

cheers
-- vbi

#61079#15
Date:
2002-09-26 17:28:33 UTC
From:
To:
tags 61079 upstream
severity 61079 wishlist

 > There's precedent, too: afaik gpg and gpg-agent will also auto-add
 > secret keys. sudo does expire a 'stored password'.

Feel free to try and convince upstream of this...

Matthew

#61079#30
Date:
2023-02-08 15:10:10 UTC
From:
To:
I believe the AddKeysToAgent option (see `man ssh_config`) does what's
being asked for here. As usual, it can be enabled either in the ssh
system/user config file or via `-o AddKeysToAgent=yes` on the command
line.

This feature was added in OpenSSH 7.2, which appears to be older than
what's found in any currently-supported Debian version. So I imagine
this bug can be closed.
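
The following `~/.ssh/config` fragment is an added example, not part of the bug log or of OpenSSH's own documentation. It shows `AddKeysToAgent` scoped per host with the confirm and time-interval values described in `man ssh_config`, which speaks to the opt-in and key-expiry points raised in #61079#10. The host patterns and key path are placeholders, and the time-interval form is assumed to be supported by the installed OpenSSH.

```sshconfig
# Constructed example: host patterns and the key path are placeholders.

# Opt in per host rather than globally, so adding keys is never the default.
Host bastion.example.org
    IdentityFile ~/.ssh/id_ed25519
    # Add the key to the running agent after the passphrase prompt, and
    # require confirmation on every later use (as with `ssh-add -c`).
    AddKeysToAgent confirm

Host *.internal.example.org
    # Time-interval form: the key is added with a lifetime and the agent
    # removes it automatically after 15 minutes (as with `ssh-add -t`).
    AddKeysToAgent 15m

Host *
    # Everything else keeps the default: the key is used for this
    # connection only and is not handed to the agent.
    AddKeysToAgent no
```

Because ssh uses the first value obtained for each option, the specific `Host` blocks must come before `Host *`. `ssh -G bastion.example.org` prints the resolved client configuration for a host without connecting.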