Bug#461829: seahorse-agent Improperly Caches SSH Keys by Default; Refuses to Relinquish Them
Josselin Mouette
joss at debian.org
Mon Jan 21 10:20:51 UTC 2008
Le dimanche 20 janvier 2008 à 20:07 -0800, Leo L. Schwab a écrit :
> Package: seahorse
> Version: 2.20.3-1
> Severity: important
>
> seahorse-agent upon startup appears to sniff through my ~/.ssh
> directory, find any SSH identity keys, and automagically add them to
> ssh-agent. This appears to be default behavior, and is really, really
> wrong.
This setup is far from being the standard, even among people heavily
using SSH keys. This problem will exist only for a very small minority,
for which the preferences are here to deactivate the behavior.
Frankly, I think you should talk about that with upstream, on
seahorse-list at gnome.org. This is far beyond the things we are ready
to change for the Debian package.
> After some Googling around, I discovered this broken behavior
> can be disabled via seahorse-preferences, so my immediate issue is
> solved. Nevertheless, I contend this, at the very least, should not be
> default behavior, and in fact should be seriously reconsidered. There
> is absolutely no way for seahorse-agent to know the policy
> considerations attached to any keys it may find lurking in ~/.ssh, and
> therefore should not -- by default, anyway -- be trying to do anything
> "clever" or "helpful" with them.
Seahorse is precisely here for doing helpful things with, among other
things, SSH keys. The behavior you find annoying is helpful for people
with a sane setup.
So, we are not going to change the default unless something useful
arises from your discussion with upstream.
Cheers,
--
.''`.
: :' : We are debian.org. Lower your prices, surrender your code.
`. `' We will add your hardware and software distinctiveness to
`- our own. Resistance is futile.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20080121/984fe54e/attachment.pgp
More information about the pkg-gnome-maintainers
mailing list