ssh-agent and id_dsa
Markus Friedl
Markus.Friedl at informatik.uni-erlangen.de
Tue Feb 20 21:12:19 EST 2001
why don't you rename the key? :)
does the protocol-1 implementation remember keys?
On Tue, Feb 20, 2001 at 10:40:30AM +0100, Lutz Jaenicke wrote:
> Hi!
>
> I am distributing 2.5.1p1 for production use on my system by now and prepare
> switching to protocol 2 as default protocol.
>
> I just noted, that ssh-agent can be used for protocol 1 and 2, but the
> keys kept in ssh-agent are not compared against keys in .ssh.
> Example: I have a DSA key in id_dsa which I load into ssh-agent on login.
> When connecting to an account accepting the key everything is fine.
> If the key is not accepted, slogin will not recognize that the key was
> already tried from ssh-agent and will ask me again to enter the password
> to unlock the key (for another failure).
> This is due to sshconnect2.c:userauth_pubkey() where this retrial is not
> performed for KEY_RSA1 but for other keys.
> I did not dig into the functionality yet. Is there a way to "remember"
> which pubkeys were already tried from ssh-agent and to not try again
> from file (and hence ask for the passphrase)?
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
> BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
>
More information about the openssh-unix-dev
mailing list