Deleting SSH key(s) from agent

Karol Babioch karol at babioch.de
Sun Aug 21 00:11:45 CEST 2016


Hi all,

I'm experimenting with using GPG as SSH agent. This basically works
fine, although I'm missing some advanced features, which the original
ssh-agent(1) provides.

More specifically it seems to be impossible to delete identities from
the agent once they are added. ssh-add -D returns: "All identities
removed.". However, it is actually not removed and is still available
afterwards.

It seems to be possible to deactivate the key through the sshcontrol
file, i.e. by commenting it out. While this removes it temporarily from
the agent, simply commenting it back in activates the key again, at
least as long as the TTL is not yet expired. All in all this is not a
great solution.

The same is true for locking the agent down. This feature seems to be
not implemented at all. I can lock the agent, but it makes no difference
whether or not it is actually locked or unlocked, it always operates
normally.

Are these "advanced" features simply not implemented, or am I missing
something here? How are you dealing with this?

Thanks in advance!

Best regards,
Karol Babioch
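
Added example, not part of the original post: a small audit of an sshcontrol file that separates active entries from ones that are only commented out or disabled and so remain one edit away from being active again. It assumes the entry format from the gpg-agent documentation (40-hex-digit keygrip, optional TTL in seconds, optional flags such as confirm, a leading "!" to disable an entry); the keygrips in the sample and the function names are constructed for illustration.

```python
import re

# Constructed sample in sshcontrol format; the keygrips are made-up values.
SAMPLE = """\
# Work laptop key
0123456789ABCDEF0123456789ABCDEF01234567 600 confirm
#89ABCDEF0123456789ABCDEF0123456789ABCDEF 0
!FEDCBA9876543210FEDCBA9876543210FEDCBA98
not-a-keygrip
"""

# Optional "#" or "!" marker, 40 hex digits, optional TTL, optional flags.
ENTRY = re.compile(
    r"^(?P<mark>[#!]?)\s*(?P<grip>[0-9A-Fa-f]{40})"
    r"(?:\s+(?P<ttl>\d+))?(?:\s+(?P<flags>.*))?$"
)
STATES = {"": "enabled", "!": "disabled", "#": "commented-out"}


def parse_sshcontrol(text):
    """Return one dict per line that carries a keygrip, active or not."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # blank line, free-text comment, or malformed entry
        entries.append({
            "line": lineno,
            "keygrip": m["grip"].upper(),
            "state": STATES[m["mark"]],
            "ttl": int(m["ttl"]) if m["ttl"] else None,
            "flags": (m["flags"] or "").split(),
        })
    return entries


def dormant_keygrips(entries):
    """Keygrips still present in the file but not currently offered."""
    return [e["keygrip"] for e in entries if e["state"] != "enabled"]


if __name__ == "__main__":
    for e in parse_sshcontrol(SAMPLE):
        print(f'{e["line"]:>3} {e["state"]:<13} {e["keygrip"]} '
              f'ttl={e["ttl"]} flags={e["flags"]}')
```

The script only reads the file; it does not query the agent and says nothing about whether a passphrase is still cached.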
