[pkg-gnupg-maint] Bug#846175: Bug#846175: gnupg-agent: Cannot use/delete ssh keys w/ empty passphrase
Matthias Urlichs
matthias at urlichs.de
Tue Nov 29 13:49:43 UTC 2016
On 29.11.2016 10:39, Werner Koch wrote:
> /* FIXME: What to do here - forgetting the passphrase or deleting
> the key from key cache? */
>
> Given that there is no easy way to know the origin of the key (it may
> have been added by ssh-add or be for example a gpg subkey) I tend to
> implement the latter (i.e. forgetting the passphrase).
When in doubt, do both?
In any case, if it's been added by ssh-add, it needs to be dropped.
Otherwise you're not compatible with ssh-agent.
One of my use cases is to add the key (from removable media) to some
long-running process's key store. That process proceeds to do various
remote things, after which it no longer requires access and thus removes
the key.
I am currently unable to use gpg-agent for this.
> Indeed there is a bug when adding an ssh-key w/o passphrase.
… and, once that succeeds (in my case by using an earlier version),
actually using this key.
--
-- Matthias Urlichs
More information about the pkg-gnupg-maint
mailing list