Gordon Messmer wrote:
> I believe the documentation wasn't written because services were
> intended to be identical to ssh-agent.

The problem is that it is configured in very different ways than
ssh-agent.  So it requires it's own documentation.

And further, the services are a long way from identical. :)

> The "ssh-add" tool can still be used to add and remove identities,
> and has its own man page.

Sure, and I find that many of the things documented to work in the
ssh-add manpage do not work with the ssh agent provided by gnome

Are you able to remove identities from the gnome provided agent?  I am
not.  Not with the -d or -D switch.

$ ssh-add -l
1024 61:34:65:0b:eb:cb:2b:83:cf:e2:3d:e9:9f:2f:c5:d3 id_dsa (DSA)
2048 27:c0:40:7c:f2:e5:4b:20:23:6b:19:2a:af:11:e7:6c id_rsa (RSA)

$ ssh-add -D
All identities removed.

$ ssh-add -l
1024 61:34:65:0b:eb:cb:2b:83:cf:e2:3d:e9:9f:2f:c5:d3 id_dsa (DSA)
2048 27:c0:40:7c:f2:e5:4b:20:23:6b:19:2a:af:11:e7:6c id_rsa (RSA)

Same for the -t option to have an identity expire, as well as the -x
option to lock the agent.  In the case of the -x option, ssh-add
prompts for a password to lock the agent and then reports "Agent
locked."  Yet the keys continue to be usable to login to remote

Unless I'm doing something very wrong (which is always a possible),
the gnome provided ssh agent is lacking a great many ways.

Perhaps worst of all, I have been unable to disable the gnome ssh
agent using the methods at http://live.gnome.org/GnomeKeyring/Ssh .
So what little documentation there is appears to be inaccurate. :(

Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
Hell is paved with good samaritans.
    -- William M. Holden

Attachment: pgpoGz04jSbEe.pgp
Description: PGP signature

fedora-list mailing list
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Reply via email to