On 12.09.21 00:11, Jim Knoble wrote:
On Sep 11, 2021, at 10:05, Peter Stuge <peter@xxxxxxxx> wrote: ssh-agent is apparently often started in the wrong context, because "ssh-add -c" confirmation doesn't work for a lot of people. :\On a recent Ubuntu [...] install, I had to disable the gnome-keyring-ssh thingy [...] because it was unexpectedly supplying passphrases to my keys without asking me. [...] If that's common across Ubuntu flavors, then I wouldn't be surprised if a large number of folks have ssh-agents that don't have the right context for 'ssh-add -c'.
I watched a user have a FAIL with "-c" just last week. He's using the WSL2 of his Win10 machine, which IIUC is an Ubuntu as well, so maybe that's his problem. I have to say that I associate that behaviour primarily with GNOME's agent system, rather than a particular distrib, though.
However, the one :-C case I did get to analyze to the bottom is my own workplace machine, back then being set up with Fedora 31, KDE spin. The problem *there* was that the default install would include /usr/bin/ksshaskpass, but not set $SSH_ASKPASS to point to it, so ssh-add would still try (the nonexisting) /usr/libexec/openssh/ssh-askpass. Installing the openssh-askpass package took care of that, but. :-/
(Yes, the installed executable is the GNOME version, but it refrains from throwing in the agents. And the popup stands out better than the theme-conforming KDE variant ...)
Regards, -- Jochen Bern Systemingenieur Binect GmbH
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
