(command.CommandList children: [ (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:tid) op: assign_op.Equal rhs: {(DQ <'ssh with certificates'>)} spids: [7] ) ] ) (C {<rm>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key'> <Id.Lit_Star '*'>} {($ Id.VSub_DollarName '$OBJ') <'/user_key'> <Id.Lit_Star '*'>} ) (C {<rm>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/cert_user_key'> <Id.Lit_Star '*'>}) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key1'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key2'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_key1'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_key2'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_key3'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_key4'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-N>} {(SQ )} {<-t>} {<ed25519>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_key5'>} ) (C {<fatal>} {(DQ <'ssh-keygen failed'>)}) ] ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-s>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key1'>} {<-I>} {(DQ <'regress user key for '> ($ Id.VSub_DollarName '$USER'))} {<-z>} {($ Id.VSub_Dollar '$$')} {<-n>} {(${ Id.VSub_Name USER)} {($ Id.VSub_DollarName '$OBJ') <'/user_key1'>} ) (C {<fatal>} {(DQ <'couldn\'t sign user_key1 with user_ca_key1'>)}) ] ) (C {<mv>} {($ Id.VSub_DollarName '$OBJ') <'/user_key1-cert.pub'>} {($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_1.pub'>} ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-s>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key2'>} {<-I>} {(DQ <'regress user key for '> ($ Id.VSub_DollarName '$USER'))} {<-z>} {($ Id.VSub_Dollar '$$')} {<-n>} {(${ Id.VSub_Name USER)} {($ Id.VSub_DollarName '$OBJ') <'/user_key1'>} ) (C {<fatal>} {(DQ <'couldn\'t sign user_key1 with user_ca_key2'>)}) ] ) (C {<mv>} {($ Id.VSub_DollarName '$OBJ') <'/user_key1-cert.pub'>} {($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_2.pub'>} ) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-s>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key1'>} {<-I>} {(DQ <'regress user key for '> ($ Id.VSub_DollarName '$USER'))} {<-z>} {($ Id.VSub_Dollar '$$')} {<-n>} {(${ Id.VSub_Name USER)} {($ Id.VSub_DollarName '$OBJ') <'/user_key3'>} ) (C {<fatal>} {(DQ <'couldn\'t sign user_key3 with user_ca_key1'>)}) ] ) (C {<rm>} {($ Id.VSub_DollarName '$OBJ') <'/user_key3.pub'>}) (command.AndOr ops: [Id.Op_DPipe] children: [ (C {(${ Id.VSub_Name SSHKEYGEN)} {<-q>} {<-s>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key1'>} {<-I>} {(DQ <'regress user key for '> ($ Id.VSub_DollarName '$USER'))} {<-z>} {($ Id.VSub_Dollar '$$')} {<-n>} {(${ Id.VSub_Name USER)} {($ Id.VSub_DollarName '$OBJ') <'/user_key4'>} ) (C {<fatal>} {(DQ <'couldn\'t sign user_key4 with user_ca_key1'>)}) ] ) (C {<rm>} {($ Id.VSub_DollarName '$OBJ') <'/user_key4'>} {($ Id.VSub_DollarName '$OBJ') <'/user_key4.pub'>} ) (C {<trace>} {(SQ <'try with identity files'>)}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts) op: assign_op.Equal rhs: {(DQ <'-F '> ($ Id.VSub_DollarName '$OBJ') <'/ssh_proxy -oIdentitiesOnly=yes'>)} spids: [466] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts2) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts') <' -i '> ($ Id.VSub_DollarName '$OBJ') <'/user_key1 -i '> ($ Id.VSub_DollarName '$OBJ') <'/user_key2'> ) } spids: [473] ) ] ) (command.Simple words: [ {<echo>} { (DQ <'cert-authority '> (command_sub left_token: <Id.Left_DollarParen '$('> child: (C {<cat>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key1.pub'>}) ) ) } ] redirects: [ (redir op: <Id.Redir_Great '>'> loc: (redir_loc.Fd fd:1) arg: {($ Id.VSub_DollarName '$OBJ') <'/authorized_keys_'> ($ Id.VSub_DollarName '$USER')} ) ] do_fork: T ) (command.Pipeline children: [ (C {<cat>} {($ Id.VSub_DollarName '$OBJ') <'/ssh_proxy'>}) (command.Simple words: [{<grep>} {<-v>} {<IdentityFile>}] redirects: [ (redir op: <Id.Redir_Great '>'> loc: (redir_loc.Fd fd:1) arg: {($ Id.VSub_DollarName '$OBJ') <'/no_identity_config'>} ) ] do_fork: T ) ] negated: F ) (command.ForEach iter_name: p iter_words: [{(${ Id.VSub_Name SSH_PROTOCOLS)}] do_arg_iter: F body: (command.DoGroup children: [ (C {<verbose>} { (DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': identity cert with no plain public file'> ) } ) (C {(${ Id.VSub_Name SSH)} {<-F>} {($ Id.VSub_DollarName '$OBJ') <'/no_identity_config'>} {<-oIdentitiesOnly> <Id.Lit_Equals '='> <yes>} {<-i>} {($ Id.VSub_DollarName '$OBJ') <'/user_key3'>} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.AndOr ops: [Id.Op_DAmp] children: [ (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) (C {<fail>} {(DQ <'ssh failed'>)}) ] ) (C {<verbose>} { (DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': CertificateFile with no plain public file'> ) } ) (C {(${ Id.VSub_Name SSH)} {<-F>} {($ Id.VSub_DollarName '$OBJ') <'/no_identity_config'>} {<-oIdentitiesOnly> <Id.Lit_Equals '='> <yes>} {<-oCertificateFile> <Id.Lit_Equals '='> ($ Id.VSub_DollarName '$OBJ') <'/user_key3-cert.pub'>} {<-i>} {($ Id.VSub_DollarName '$OBJ') <'/user_key3'>} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.AndOr ops: [Id.Op_DAmp] children: [ (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) (C {<fail>} {(DQ <'ssh failed'>)}) ] ) (C {<verbose>} {(DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': plain keys'>)}) (C {(${ Id.VSub_Name SSH)} {($ Id.VSub_DollarName '$opts2')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [703] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-eq>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fail>} {(DQ <'ssh succeeded with no certs in protocol '> ($ Id.VSub_DollarName '$p'))} ) ] spids: [707 721] ) ] ) (C {<verbose>} {(DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': untrusted cert'>)}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts2') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_2.pub'> ) } spids: [749] ) ] ) (C {(${ Id.VSub_Name SSH)} {($ Id.VSub_DollarName '$opts3')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [772] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-eq>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fail>} {(DQ <'ssh succeeded with bad cert in protocol '> ($ Id.VSub_DollarName '$p'))} ) ] spids: [776 790] ) ] ) (C {<verbose>} {(DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': good cert, bad key'>)}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts') <' -i '> ($ Id.VSub_DollarName '$OBJ') <'/user_key2'> ) } spids: [818] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts3') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_1.pub'> ) } spids: [827] ) ] ) (C {(${ Id.VSub_Name SSH)} {($ Id.VSub_DollarName '$opts3')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [850] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-eq>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fail>} { (DQ <'ssh succeeded with no matching key in protocol '> ($ Id.VSub_DollarName '$p') ) } ) ] spids: [854 868] ) ] ) (C {<verbose>} {(DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': single trusted'>)}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts2') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_1.pub'> ) } spids: [896] ) ] ) (C {(${ Id.VSub_Name SSH)} {($ Id.VSub_DollarName '$opts3')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [919] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-ne>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fail>} { (DQ <'ssh failed with trusted cert and key in protocol '> ($ Id.VSub_DollarName '$p') ) } ) ] spids: [923 937] ) ] ) (C {<verbose>} {(DQ <'protocol '> ($ Id.VSub_DollarName '$p') <': multiple trusted'>)}) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts2') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_2.pub'> ) } spids: [965] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts3) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts3') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_1.pub'> ) } spids: [974] ) ] ) (C {(${ Id.VSub_Name SSH)} {($ Id.VSub_DollarName '$opts3')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<5> ($ Id.VSub_DollarName '$p')} ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [997] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-ne>} {<5> ($ Id.VSub_DollarName '$p')} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fail>} { (DQ <'ssh failed with multiple certs in protocol '> ($ Id.VSub_DollarName '$p') ) } ) ] spids: [1001 1015] ) ] ) ] ) ) (command.Simple words: [{(${ Id.VSub_Name SSHADD)} {<-l>}] redirects: [ (redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<'/dev/null'>}) (redir op:<Id.Redir_GreatAnd '2>&'> loc:(redir_loc.Fd fd:2) arg:{<1>}) ] more_env: [(env_pair name:SSH_AUTH_SOCK val:{<'/nonexistent'>} spids:[1034])] do_fork: T ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<2>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fatal>} {(DQ <'ssh-add -l did not fail with exit code 2'>)})] spids: [1050 1063] ) ] ) (C {<trace>} {(DQ <'start agent'>)}) (command.Simple words: [ {<eval>} {(command_sub left_token:<Id.Left_Backtick '`'> child:(C {(${ Id.VSub_Name SSHAGENT)} {<-s>}))} ] redirects: [(redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<'/dev/null'>})] do_fork: T ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:r) op: assign_op.Equal rhs: {($ Id.VSub_QMark '$?')} spids: [1097] ) ] ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_DollarName '$r')} {<-ne>} {<0>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [ (C {<fatal>} {(DQ <'could not start ssh-agent: exit code '> ($ Id.VSub_DollarName '$r'))}) ] spids: [1100 1113] ) ] ) (command.Simple words: [{(${ Id.VSub_Name SSHADD)} {<-k>} {($ Id.VSub_DollarName '$OBJ') <'/user_key2'>}] redirects: [ (redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<'/dev/null'>}) (redir op:<Id.Redir_GreatAnd '2>&'> loc:(redir_loc.Fd fd:2) arg:{<1>}) ] do_fork: T ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<0>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fatal>} {(DQ <'ssh-add did not succeed with exit code 0'>)})] spids: [1145 1158] ) ] ) (command.Simple words: [{(${ Id.VSub_Name SSHADD)} {<-k>} {($ Id.VSub_DollarName '$OBJ') <'/user_key1'>}] redirects: [ (redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<'/dev/null'>}) (redir op:<Id.Redir_GreatAnd '2>&'> loc:(redir_loc.Fd fd:2) arg:{<1>}) ] do_fork: T ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<0>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fatal>} {(DQ <'ssh-add did not succeed with exit code 0'>)})] spids: [1185 1198] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts) op: assign_op.Equal rhs: {(DQ <'-F '> ($ Id.VSub_DollarName '$OBJ') <'/ssh_proxy'>)} spids: [1216] ) ] ) (C {(${ Id.VSub_Name SSH)} {<-2>} {($ Id.VSub_DollarName '$opts')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<52>} ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-eq>} {<52>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fail>} {(DQ <'ssh connect with agent in protocol 2 succeeded with no cert'>)})] spids: [1240 1253] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_2.pub'> ) } spids: [1268] ) ] ) (C {(${ Id.VSub_Name SSH)} {<-2>} {($ Id.VSub_DollarName '$opts')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<52>} ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-eq>} {<52>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fail>} {(DQ <'ssh connect with agent in protocol 2 succeeded with bad cert'>)})] spids: [1290 1303] ) ] ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:opts) op: assign_op.Equal rhs: { (DQ ($ Id.VSub_DollarName '$opts') <' -oCertificateFile='> ($ Id.VSub_DollarName '$OBJ') <'/cert_user_key1_1.pub'> ) } spids: [1318] ) ] ) (C {(${ Id.VSub_Name SSH)} {<-2>} {($ Id.VSub_DollarName '$opts')} {<somehost>} {<Id.ControlFlow_Exit exit>} {<52>} ) (command.If arms: [ (if_arm cond: (condition.Shell commands: [ (command.Sentence child: (C {<Id.Lit_LBracket '['>} {($ Id.VSub_QMark '$?')} {<-ne>} {<52>} {<Id.Lit_RBracket ']'>} ) terminator: <Id.Op_Semi _> ) ] ) action: [(C {<fail>} {(DQ <'ssh connect with agent in protocol 2 failed with good cert'>)})] spids: [1340 1353] ) ] ) (C {<trace>} {(DQ <'kill agent'>)}) (command.Simple words: [{(${ Id.VSub_Name SSHAGENT)} {<-k>}] redirects: [(redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<'/dev/null'>})] do_fork: T ) (C {<rm>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/user_ca_key'> <Id.Lit_Star '*'>} {($ Id.VSub_DollarName '$OBJ') <'/user_key'> <Id.Lit_Star '*'>} ) (C {<rm>} {<-f>} {($ Id.VSub_DollarName '$OBJ') <'/cert_user_key'> <Id.Lit_Star '*'>}) ] )