Re: [Monotone-devel] keyring integration from a user POV


From: Benoît Dejean
Subject: Re: [Monotone-devel] keyring integration from a user POV
Date: Mon, 09 Apr 2007 20:29:47 +0200

On Monday 09 April 2007 at 07:52 -0700, Justin Patrin wrote:
> On 4/8/07, Benoît Dejean <address@hidden> wrote:

> > > >
> > > > - Why is it using ssh-agent if it doesn't really need to? I mean it
> > > > used to work without by using the hook. On Windows where I don't run any
> > > > ssh-agent, it works as it used to.
> >
> > It seems to me that the password hook and ssh-agent are both trying to
> > get my key. Maybe it's just a matter of order: 1) hook 2) ssh-agent?
> > Is the password hook obsolete?
> 
> They're not both "trying to get your key". The signature code (and
> anywhere else that needs it) is what gets your key.
> 
> ssh-agent support is supposed to supersede the password hook. It is
> far more secure than leaving your key password in plaintext on your
> hard drive. If you use both then you won't ever have to enter your
> password (as it will be in the hook) and mtn will also add it to
> ssh-agent. However, this isn't how it's meant to be used.

OK

> >
> > > > - Who is asking to unlock my main real ssh key?
> 
> To see if ssh-agent has your mtn key in it, it has to list the keys
> that ssh-agent has. It sounds like your agent is unlocking the keys in
> order to list them. This sounds to me like a bit of a misnomer as
> listing keys only gets you the public part, not the private part.

I am using OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8e 23 Feb 2007 so I might
not be the only one to experience the same.

I am now totally lost. I have dropped the get_passphrase hook and now
the agent prompts for my password on the command line ... why? It should use
the X prompt as every other application I have (graphical or not).

> Actually, if you look closely at the
> exported key, it doesn't use the same standard format that ssh-keygen
> exports as. It is readable by ssh-agent but in a different format.

This is why gnome-keyring (and I guess other graphical keyring managers)
display a meaningless ID. It's annoying. Is it a bug in gnome-keyring or
is mtn abusing ssh-agent?

-- 
Benoît Dejean
GNOME http://www.gnomefr.org/
LibGTop http://directory.fsf.org/libgtop.html

Attachment: unknown key.png
Description: PNG image

Attachment: signature.asc
Description: This is a digitally signed message part

