Deleting SSH key(s) from agent

Karol Babioch karol at babioch.de
Tue Aug 23 10:46:24 CEST 2016


Hi,

Am 23.08.2016 um 10:36 schrieb Peter Lebbing:
> If I'm mistaken, I'd like to know. But I suspect the system was
> correctly designed to thwart such a thing.

I'm pretty sure you are right, so this is not my concern.

> So I don't think there is a need to ensure the correct key is used.

However, it is annoying to be prompted for passphrases for each key in
the keyring. This is even true for cases in which the public key of my
smartcard is the first and only entry in authorized_keys on a SSH server.

ssh-add -L lists the public key of my smartcard also first in the first
place, so I'm not sure why I always get asked for other keys. On the
other hand I do not want to have keys lying around unencrypted on disk.

I could possibly get away with making a configuration using the
Identity* directives from ssh_config(5), but this seems to be a PITA.

Is it somehow possible for gpg-agent to _NOT_ ask for passphrases it
does not need, e.g. to enforce that the smartcard is tried first for
authentication?

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160823/21ab7ab6/attachment.sig>


More information about the Gnupg-users mailing list