Le mardi 10 avril 2007 à 09:45 -0700, Justin Patrin a écrit : > On 4/9/07, Benoît Dejean <[EMAIL PROTECTED]> wrote: > > Le lundi 09 avril 2007 à 14:40 -0700, Justin Patrin a écrit : > > > On 4/9/07, Benoît Dejean <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > If you do it using ssh-add (which is > > > > > a command-line program) then it's going to ask on the command-line. > > > > > > > > No. Graphical GTK+. > > > > ssh-add -l pops up graphical prompt on first use. > > > > > > No, ssh-add is not popping up a graphical prompt. gnome-keyring is. > > > There's a chain of processes here at work. > > > * ssh-add -l is asking for a list of keys from the agent > > > * ssh-agent looks for its list of keys > > > > (Do you think i should fill a bug against ssh-agent because it tries to > > unlock my keys just to list them ?) > > I'm not sure. I would think you'd normally have your keys unlocked > when logged in....do you lock them after a certain amount of time? Any > program that needs to use your keys would likely cause them to unlock. > Don't you have to enter your password when you ssh as well?
I am concerned about having to unlock all my keys on startup where is would prefer to unlock them on first use. > > > > > * seahorse-agent notices that you want to look at the key and asks > > > gnome-keyring for the password to decrypt it so that it can be added > > > to the agent > > > * gnome-password asks for your master passphrase to unlock your key > > > passphrase (or just asks for your passphrase for the key depending on > > > how you have it set up) > > > > > > Then back the other way > > > > > > * gnome-password passes the passphrase back to seahorse-agent > > > * seahorse-agent uses the passphrase to decrypt your key and pass it > > > to ssh-agent > > > * ssh-agent adds the key to its in-memory keystore and passes the list > > > of keys to ssh-add > > > * ssh-add lists your keys > > > > > > Or something close to that anyway. mtn uses ssh-agent, not > > > gnome-keychain or seahorse-agent so it asks for the passphrase itself. > > > > Hum OK. Somthing is really inconsistent here because "ssh-add -l" uses a > > graphical prompt where "ssh-add key" doesn't. Or maybe i don't > > understand. I have to reread this thread. > > It's not inconsistent. It makes perfect sense, in fact. ssh-add -l is > only listing keys so ssh-agent and hence seahorse and gnome-keychain > are the ones loading the keys and causing the prompts. When you > ssh-add key ssh-add is the one loading the key and hence needs your > password. OK > > > > I have tried to import my mtn.key in seahorse but the key fails to load > > "file:///home/monotone/mtn_benoit > > 0x7f7f7f7flacenet.org.key: Invalid file format" > > > > Sounds like seahorse doesn't support all of the key formats that > ssh-agent/add does. I had to patch SSHKeychain to make it allow > importing of this format. Have you forwarded this patch upstream ? -- Benoît Dejean GNOME http://www.gnomefr.org/ LibGTop http://directory.fsf.org/libgtop.html
signature.asc
Description: Ceci est une partie de message numériquement signée
_______________________________________________ Monotone-devel mailing list [EMAIL PROTECTED] http://lists.nongnu.org/mailman/listinfo/monotone-devel