On Tue, Aug 05, 2008 at 11:51:49AM -0300, Wouter Verhelst wrote: > Since a while, when running 'ssh-add -c' (which is supposed to make > ssh-agent ask the user for confirmation before allowing use of an ssh > key), ssh-add prints "SSH_AGENT_FAILURE" on a line by itself (without > explaining what the exact failure is). The result seems to be that > ssh-agent then does know the key and allows software to use it, but it > does not request user confirmation before giving out the secret key.
I can't reproduce this: <[EMAIL PROTECTED] ~>$ ssh-add -c Enter passphrase for /home/cjwatson/.ssh/id_rsa: Identity added: /home/cjwatson/.ssh/id_rsa (/home/cjwatson/.ssh/id_rsa) The user has to confirm each use of the key Is it possible that you are not in fact using ssh-agent, but a different not-quite-compatible agent provided by something like seahorse? Have a look at what's behind $SSH_AUTH_SOCK. -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]