[PATCH] Caching passphrase in ssh-add.
David Woodhouse
dwmw2 at infradead.org
Tue Jan  9 22:43:40 EST 2001

Markus.Friedl at informatik.uni-erlangen.de said:
> i don't understand your point? what do you want?

Sorry, I wasn't very clear.

> you want to share passphrases, this is no problem for me. you want to
> cache passphrases? i think this is a bad idea but i might be wrong.

Caching passphrases for any length of time would be bad, I agree. I'm
suggesting that they're kept for a very short period of time in a process
which had them already, so that if the same passphrase is used on multiple
keys, it only needs to be entered once per invocation of ssh-add. This
reduces the number of times that the user has to physically enter their
passphrase, and hence could even be argued to be _increasing_ the security.

> but how is this related to SSH-2 RSA keys?

Not at all. My problem is that I have to type the passphrase twice, and I'm
lazy.

If SSHv2 were capable of using SSH-1 RSA keys, then I wouldn't need the
extra DSA key - I could use only a single RSA1 key and still not have to
type the passphrase twice.

The alternative fix is for ssh-add, when asked to add both keys
simultaneously, to attempt to re-use the passphrase entered for the
first key on the second, rather than asking me a second time. This is
what the patch I provided does.

--
dwmw2