ssh private key password
lsof at nodata.co.uk
Thu Jan 8 22:02:14 UTC 2009
Am Donnerstag, den 08.01.2009, 16:54 -0500 schrieb Ricky Zhou:
> On 2009-01-08 10:42:28 PM, nodata wrote:
> > > Then why using ssh-add(1)?!
> > To add my key to ssh-agent.
> > >
> > > > I also find this a little disconcerting: I don't like giving my private
> > > > key's to programs that ask for it.
> > >
> > > Neither do I, but this one is _meant_ to do so.
> > But can't I chose which program stores my key? I'd rather something with
> > less code stores it.
> From the ssh-add manpage:
> DISPLAY and SSH_ASKPASS
> If ssh-add needs a passphrase, it will read the passphrase from
> the current terminal if it was run from a terminal. If ssh-add
> does not have a terminal associated with it but DISPLAY and
> SSH_ASKPASS are set, it will execute the program specified by
> SSH_ASKPASS and open an X11 window to read the passphrase. This
> is particularly useful when calling ssh-add from a .xsession or
> related script. (Note that on some machines it may be necessary
> to redirect the input from /dev/null to make this work.)
> Perhaps the dialog that pops up is the program specified by your
> SSH_ASKPASS environmental variable? I'm pretty sure that this is only
> for prompting, and the passphrase still only gets stored by ssh-agent.
I'm wondering when this changed (F10)? I'm sure it didn't act like this
In F9, I would only be prompted to enter my passphrase if I sshed to a
box that accepted pubkey authentication and a ssh-agent did not already
have the key.
In F10 it asks earlier: when ssh-add is run.
But oh well, it does.
More information about the fedora-devel-list