Gordon Messmer wrote: > I believe the documentation wasn't written because services were > intended to be identical to ssh-agent. The problem is that it is configured in very different ways than ssh-agent. So it requires it's own documentation. And further, the services are a long way from identical. :) > The "ssh-add" tool can still be used to add and remove identities, > and has its own man page. Sure, and I find that many of the things documented to work in the ssh-add manpage do not work with the ssh agent provided by gnome keyring. Are you able to remove identities from the gnome provided agent? I am not. Not with the -d or -D switch. $ ssh-add -l 1024 61:34:65:0b:eb:cb:2b:83:cf:e2:3d:e9:9f:2f:c5:d3 id_dsa (DSA) 2048 27:c0:40:7c:f2:e5:4b:20:23:6b:19:2a:af:11:e7:6c id_rsa (RSA) $ ssh-add -D All identities removed. $ ssh-add -l 1024 61:34:65:0b:eb:cb:2b:83:cf:e2:3d:e9:9f:2f:c5:d3 id_dsa (DSA) 2048 27:c0:40:7c:f2:e5:4b:20:23:6b:19:2a:af:11:e7:6c id_rsa (RSA) Same for the -t option to have an identity expire, as well as the -x option to lock the agent. In the case of the -x option, ssh-add prompts for a password to lock the agent and then reports "Agent locked." Yet the keys continue to be usable to login to remote systems. Unless I'm doing something very wrong (which is always a possible), the gnome provided ssh agent is lacking a great many ways. Perhaps worst of all, I have been unable to disable the gnome ssh agent using the methods at http://live.gnome.org/GnomeKeyring/Ssh . So what little documentation there is appears to be inaccurate. :( -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hell is paved with good samaritans. -- William M. Holden
Attachment:
pgp8rEYdpNF6N.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines