Bug#477102: seahorse prends to replace ssh-agent but behaves very differently
David Madore
david.madore at ens.fr
Sun Apr 20 22:51:22 UTC 2008
Package: seahorse
Version: 2.22.0-1
I discovered of seahorse's existence because it is started from
/etc/X11/Xsession.d/60seahorse (thus without much of my consent) and
then prevents ssh-agent from being started (because it sets
SSH_AUTH_SOCK). This would be fine if it behaved as a drop-in
replacement for ssh-agent, but there are important differences. I
believe that either they should be smoothed out or else seahorse
should find a way not to exclude ssh-agent.
Here are the two most noticeable differences I came across, which
could definitely be considered as bugs in seahorse:
* Merely running "ssh-add -l" (with seahorse acting as agent and no
keys previously unlocked) opens a popup requesting a passphrase to
unlock the id_dsa key. Why is this? "ssh-add -l" should just list
keys, not try to add any identities to the agent.
* If I unlock the id_dsa key in the seahorse popup, then running
"ssh-add -D" will not remove it. No matter what I try to do with
ssh-add -D or ssh-add -d, this key won't go away and always shows up
when typing "ssh-add -l"; actually it is perhaps not really
loaded/unlocked, because trying to use it (with ssh) causes a popup
to prompt for a passphrase, but after "ssh-add -D" there should
definitely be no keys listed in "ssh-add -l".
I believe that until the behavior of seahorse is made to match that of
ssh-agent, the file /etc/X11/Xsession.d/60seahorse should not force
every gdm user having gnome installed to use it instead of ssh-agent.
More information about the pkg-gnome-maintainers
mailing list