Bug#735664: openssh-client: ssh-agent gets duplicate keys, breaks ssh-add
Timo Weingärtner
timo at tiwe.de
Sat Jan 18 11:07:19 UTC 2014
On Sat, 2014-01-18 01:08:06 Francois Gouget wrote:
> On Fri, 17 Jan 2014, Timo Weingärtner wrote:
> > This looks like you're using ssh-add from openssh-client, but
> > gnome-keyring
> > as ssh-agent (not the one from openssh-agent).
>
> I do have a gnome-keyring process:
> $ ps aux
> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
> fgouget 4170 0.0 0.1 586348 4456 ? Sl 00:39 0:00
> /usr/bin/gnome-keyring-daemon --daemonize --login
>
> However I also have an ssh-agent process and the environment points to
> that process:
>
> $ env | grep SSH_
> SSH_AGENT_PID=4229
> SSH_AUTH_SOCK=/run/user/1000/keyring-o10tSl/ssh
The environment points to a process and to a socket. The process id is used by
ssh-agent -k, the socket by ssh-add and ssh. Judging from the path, the socket
belongs to gnome-keyring, not to openssh. You can verify that with lsof.
> So ssh-add should really connect to the openssh ssh-agent process and
> not to gnome-keyring-daemon. Or is the latter somehow hijacking the
> former?
I guess gnome-keyring just overwrites SSH_AUTH_SOCK and leaves SSH_AGENT_PID
untouched.
Timo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20140118/fd4d6594/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list