ssh-agent and id_dsa
Lutz Jaenicke
Lutz.Jaenicke at aet.TU-Cottbus.DE
Tue Feb 20 20:40:30 EST 2001
Hi!

I am now distributing 2.5.1p1 for production use on my system and am preparing
to switch to protocol 2 as the default protocol.

I just noted that ssh-agent can be used for protocol 1 and 2, but the
keys kept in ssh-agent are not compared against keys in .ssh.

Example: I have a DSA key in id_dsa which I load into ssh-agent on login.
When connecting to an account accepting the key, everything is fine.
If the key is not accepted, slogin will not recognize that the key was
already tried from ssh-agent and will ask me again to enter the password
to unlock the key (for another failure).

This is due to sshconnect2.c:userauth_pubkey(), where this retrial is not
performed for KEY_RSA1 but for other keys.

I did not dig into the functionality yet. Is there a way to "remember"
which pubkeys were already tried from ssh-agent and to not try again
from file (and hence ask for the passphrase)?

Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
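
The "remember which pubkeys were already tried" idea from the message above, sketched as an added example that is not part of the original message and is not OpenSSH code. The struct, function names, sample blobs and the id_other file are hypothetical or constructed; it assumes the public half of a file key can be read without the passphrase.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical identity record (not an OpenSSH structure). */
struct identity {
    const char *source;        /* "agent" or a private key file path */
    const unsigned char *blob; /* encoded public key (assumed readable) */
    size_t len;
};

/* Return 1 if a key with the same public blob is already in list[0..n). */
static int already_offered(const struct identity **list, size_t n,
                           const struct identity *id)
{
    for (size_t i = 0; i < n; i++)
        if (list[i]->len == id->len &&
            memcmp(list[i]->blob, id->blob, id->len) == 0)
            return 1;
    return 0;
}

/* Fill out[] (capacity cap): agent keys first, then file keys not yet
 * offered. Duplicate file keys are counted in *skipped and never reach
 * the passphrase prompt. Returns the number of keys to offer. */
size_t plan_offers(const struct identity *agent, size_t na,
                   const struct identity *files, size_t nf,
                   const struct identity **out, size_t cap, size_t *skipped)
{
    size_t n = 0;
    *skipped = 0;
    for (size_t i = 0; i < na && n < cap; i++)
        if (!already_offered(out, n, &agent[i]))
            out[n++] = &agent[i];
    for (size_t i = 0; i < nf && n < cap; i++) {
        if (already_offered(out, n, &files[i]))
            (*skipped)++;
        else
            out[n++] = &files[i];
    }
    return n;
}

/* Constructed sample: id_dsa is loaded in the agent, id_other is not. */
static const unsigned char DSA_PUB[] = "constructed-dsa-public-blob";
static const unsigned char OTHER_PUB[] = "constructed-other-public-blob";
const struct identity AGENT_KEYS[] = { { "agent", DSA_PUB, sizeof DSA_PUB } };
const struct identity FILE_KEYS[] = {
    { "~/.ssh/id_dsa", DSA_PUB, sizeof DSA_PUB },
    { "~/.ssh/id_other", OTHER_PUB, sizeof OTHER_PUB },
};
```

With the sample data, the agent copy of the DSA key is offered once, the id_dsa file is skipped without a prompt, and only id_other remains to be unlocked.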