ssh-agent use in different security domains

Daniel Kahn Gillmor dkg at
Thu Oct 27 07:46:43 EST 2011

On 10/26/2011 03:43 PM, Saku Ytti wrote:
> On 26 October 2011 22:29, Peter Stuge <peter at> wrote:
>>> Maybe 'ssh-add -c' is something I want (otoh it should prompt always?
>>> Which would be annoying.
>> I don't find it so annoying. It takes a few logins to get used to the
>> extra prompt, but that's it. I use x11-ssh-askpass which is fast and
>> shows an unobtrusive prompt.
> Well I must agree with you, considering the alternative being insecure
> by definition or not using ssh-agent. It doesn't seem like that big problem.
> (I figured out why it didn't work for me, I'm using some gnome agent, which
> likely does not support this or is just buggy)

This is the relevant bug against gnome's ssh-agent implementation:

Please follow up there if you have suggestions for the GNOME team.  thanks!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openssh-unix-dev mailing list