Bug#471122: seahorse force-loads ssh keys that are already loaded
Le samedi 24 mai 2008 à 06:30 +0300, Wouter Van Hemel a écrit : How does that work? Do I have to type the password seperately upon login, does gnome-keyring link to GDM/PAM, or does it store the password on disk? Perhaps there's a gnome-keyring PAM module being planned? This is indeed done with a specific PAM module. The data is stored in a file encrypted with AES128 using the login password. Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `-our own. Resistance is futile. signature.asc Description: Ceci est une partie de message numériquement signée
Bug#471122: seahorse force-loads ssh keys that are already loaded
On Wed, 28 May 2008 03:12:37 +0200 Josselin Mouette [EMAIL PROTECTED] wrote: This is indeed done with a specific PAM module. The data is stored in a file encrypted with AES128 using the login password. I've spent some effort in configuring PAM to use libpam-ssh through GDM. I use KDE, really. Now I have ssh-agent and gnome-keyring fighting over keys, in KDE, while I did configure my system to use ssh-agent already. This is a bit irritating, and probably shouldn't occur. Why is gnome-keyring running in KDE? Is this a Freedesktop move or a (too lenient) dependency problem in Debian? Shouldn't there be some dependency conflict between the ssh-agent and gnome-keyring packages then? Or between libpam-ssh and gnome-keyring? This way it's causing a lot of confusion and undoing whatever configuration people have already done on their machines with ssh-agent or libpam-ssh. I'm disabling gnome-keyring ssh-agent functionality for now (for reference): # gconftool-2 --set -t bool /apps/gnome-keyring/daemon-components/ssh false ... but it might be best to let the package system clear up the confusion between some of the above mentioned packages by conflicting. Thanks for your help though! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#471122: seahorse force-loads ssh keys that are already loaded
Hello, I understand you might be very busy, but have you already had a chance to track down why this dialog pops up and requests to unlock already unlocked keys? Thanks! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#471122: seahorse force-loads ssh keys that are already loaded
Le samedi 24 mai 2008 à 02:58 +0300, Wouter Van Hemel a écrit : Hello, I understand you might be very busy, but have you already had a chance to track down why this dialog pops up and requests to unlock already unlocked keys? Actually this doesn’t come from seahorse but from gnome-keyring. gnome-keyring-daemon completely replaces ssh-agent and as such will not use the unlocking you’ve done in PAM. However, if you decide to store the passphrase in the “login” keyring, it will be automatically unlocked upon login as well. Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `-our own. Resistance is futile. signature.asc Description: Ceci est une partie de message numériquement signée
Bug#471122: seahorse force-loads ssh keys that are already loaded
On Sat, 24 May 2008 03:59:55 +0200 Josselin Mouette [EMAIL PROTECTED] wrote: Le samedi 24 mai 2008 à 02:58 +0300, Wouter Van Hemel a écrit : Hello, I understand you might be very busy, but have you already had a chance to track down why this dialog pops up and requests to unlock already unlocked keys? Actually this doesn’t come from seahorse but from gnome-keyring. gnome-keyring-daemon completely replaces ssh-agent and as such will not use the unlocking you’ve done in PAM. However, if you decide to store the passphrase in the “login” keyring, it will be automatically unlocked upon login as well. How does that work? Do I have to type the password seperately upon login, does gnome-keyring link to GDM/PAM, or does it store the password on disk? Perhaps there's a gnome-keyring PAM module being planned? Cheers, Thanks for your help, Wouter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#471122: seahorse force-loads ssh keys that are already loaded
Package: seahorse Version: 2.22.0-1 Severity: minor Hello, I load my DSA key through PAM and GDM, logging in with my key's password. But since a few days, seahorse asks my already unlocked password in a GTK dialog when I try to connect to a server for the first time in a session. Perhaps seahorse-agent deletes the already cached key, or just tries to overwrite it? I don't really want to type my password twice... ;) Thanks for your time, Wouter -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24 Locale: LANG=C, LC_CTYPE=en_GB.utf-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages seahorse depends on: ii gconf2 2.22.0-1 GNOME configuration database syste ii libart-2.0-2 2.3.20-1 Library of functions for 2D graphi ii libatk1.0-01.22.0-1 The ATK accessibility toolkit ii libavahi-client3 0.6.22-2 Avahi client library ii libavahi-common3 0.6.22-2 Avahi common library ii libavahi-glib1 0.6.22-2 Avahi glib integration library ii libbonobo2-0 2.21.90-1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.21.90-1 The Bonobo UI library ii libc6 2.7-9 GNU C Library: Shared libraries ii libcairo2 1.4.14-1 The Cairo 2D vector graphics libra ii libdbus-1-31.1.20-1 simple interprocess messaging syst ii libdbus-glib-1-2 0.74-1simple interprocess messaging syst ii libgcc11:4.3.0-1 GCC support library ii libgconf2-42.22.0-1 GNOME configuration database syste ii libglade2-01:2.6.2-1 library to load .glade files at ru ii libglib2.0-0 2.16.1-1 The GLib library of C routines ii libgnome-keyring0 2.22.0-1 GNOME keyring services library ii libgnome2-02.20.1.1-1The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.20.1.1-1A powerful object-oriented display ii libgnomeprint2.2-0 2.18.4-1 The GNOME 2.2 print architecture - ii libgnomeprintui2.2-0 2.18.2-1 GNOME 2.2 print architecture User ii libgnomeui-0 2.20.1.1-1The GNOME 2 libraries (User Interf ii libgnomevfs2-0 1:2.22.0-1GNOME Virtual File System (runtime ii libgpg-error0 1.4-2 library for common error values an ii libgpgme11 1.1.6-2 GPGME - GnuPG Made Easy ii libgtk2.0-02.12.9-2 The GTK+ graphical user interface ii libgtksourceview2.0-0 2.2.0-1 shared libraries for the GTK+ synt ii libice62:1.0.4-1 X11 Inter-Client Exchange library ii libldap-2.4-2 2.4.7-6.1 OpenLDAP libraries ii libnautilus-extension1 2.20.0-3 libraries for nautilus components ii libnotify1 [libnotify1 0.4.4-3 sends desktop notifications to a n ii libnspr4-0d4.7.0-2 NetScape Portable Runtime Library ii liborbit2 1:2.14.10-0.1 libraries for ORBit2 - a CORBA ORB ii libpanel-applet2-0 2.20.3-3 library for GNOME Panel applets ii libpango1.0-0 1.20.0-1 Layout and rendering of internatio ii libpopt0 1.10-3lib for parsing cmdline parameters ii libsm6 2:1.0.3-1+b1 X11 Session Management library ii libsoup2.4-1 2.4.0-1 an HTTP library implementation in ii libxml22.6.31.dfsg-2 GNOME XML library ii libxul0d 1.8.1.12-5Gecko engine library ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime Versions of packages seahorse recommends: ii openssh-client1:4.7p1-4 secure shell client, an rlogin/rsh -- debconf information: * seahorse/SUID: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
