Upstream says that this is security vulnerability. I agree. An important one too!
User can have action (like shortcut, screensaver, timeout, whatever) that does ssh-key -D, and he expect that his SSH keys are now secure... while they are still accessible! Upstream also says its most likely a problem with seahorse or other ssh agent; Although when I killed all my agents (seahorse*, ssh-agent) the same problem seemed to exist still - read comments in upstream bug report. ** This bug has been flagged as a security vulnerability -- ssh-add -D deleting all identities does not work. Also, why are all identities auto-added? https://bugs.launchpad.net/bugs/505278 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
