severity 513235 important thanks Le mardi 27 janvier 2009 à 15:43 +0100, Bjørn Mork a écrit : > Package: gnome-keyring > Version: 2.22.3-2 > Severity: critical > Tags: security > Justification: breaks unrelated software
No, SSH is not unrelated software. Not only it is related, but it is not “broken” by this bug. > I regularily log into a system which uses different ssh keys to select > different > configurations. This fails if gnome-keyring-daemon is running. It seems to > use > previously learned keys even if you specify "ssh -i <keyfile>", or use the > IdentityFile keyword in ~/.ssh/config. It would be interesting to see whether this happens if you use ssh-agent instead of gnome-keyring. If you add the first key to the agent, do you see the same behavior with "ssh -i key2" ? My guess is that ssh tries the keys proposed by the agent before those passed with the -i option. And if this is the case, there is nothing that can be changed in gnome-keyring-daemon for that. > Please fix before releasing lenny. Or at least disable gnome-keyring-daemon > on default installations. /usr/share/doc/gnome-keyring/README.Debian documents how to disable the SSH agent functionality. Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
signature.asc
Description: Ceci est une partie de message numériquement signée