ssh-agent use in different security domains
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Oct 27 07:46:43 EST 2011
On 10/26/2011 03:43 PM, Saku Ytti wrote:
> On 26 October 2011 22:29, Peter Stuge <peter at stuge.se> wrote:
>
>>> Maybe 'ssh-add -c' is something I want (otoh it should prompt always?
>>> Which would be annoying.
>>
>> I don't find it so annoying. It takes a few logins to get used to the
>> extra prompt, but that's it. I use x11-ssh-askpass which is fast and
>> shows an unobtrusive prompt.
>
> Well I must agree with you, considering the alternative being insecure
> by definition or not using ssh-agent. It doesn't seem like that big problem.
>
> (I figured out why it didn't work for me, I'm using some gnome agent, which
> likely does not support this or is just buggy)
This is the relevant bug against gnome's ssh-agent implementation:
https://bugzilla.gnome.org/show_bug.cgi?id=525574
Please follow up there if you have suggestions for the GNOME team. thanks!
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20111026/d2699b4b/attachment.bin>
More information about the openssh-unix-dev
mailing list