#569510 gnome-keyring as ssh-agent tries to unlock default key when another key works

Package:
gnome-keyring
Source:
gnome-keyring
Description:
GNOME keyring services (daemon and tools)
Submitter:
Jay Berkenbilt
Date:
2010-02-12 00:24:05 UTC
Severity:
minor
#569510#5
Date:
2010-02-12 00:22:38 UTC
From:
To:
*** Please type your report below this line ***

I use gnome-keyring to replace ssh-agent.  I have multiple ssh keys that
I use for different systems.  If I explicitly load one key with ssh-add
but don't "unlock" my default ssh key and then ssh to somewhere where
the alternative key is sufficient, gnome-keyring still pops up a dialog
asking me to unlock my default key.  If I cancel, the ssh operation
still succeeds because the other key is loaded.

It would be nice if it didn't behave that way.  I shouldn't have to
unlock my default key if I've loaded a working key to some site.

I don't know exactly how ssh communicates with its agent, but I do know
that the regular ssh-agent that's part of openssh-client doesn't suffer
from this deficiency.

To reproduce this, just create some alternative ssh key with ssh-keygen
and put its public key in an authorized_keys file.  Then ssh there
without loading your default key.

Please let me know if you need more a specific recipe for reproducing
the problem or if I should directly report this upstream.