For my ssh keys that require passphrases, I use ssh-agent to cache the decrypted key so I don't have to type the passphrase every time. Until yesterday there was only one such key; last night I added a new one [1]. And, being the lazy thinker I am, I used the same passphrase as for the old one.
Now, I find that when I run ssh-add to tell ssh-agent about my keys, _both_ are added to the session after asking me the passphrase only once! This can only be secure and correct if the agent somehow compares the passphrases and knows they are the same; even then, it is _very_ surprising. Have you seen this and how do you explain it? [1] It was necessary to create a new rsa type key because of a stupid server which doesn't understand ecdsa keys. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
