Bug#493874: ssh-add -c reports SSH_AGENT_FAILURE and doesn't ask for confirmation

[Wouter Verhelst <w@uter.be>]

On Wed, Aug 06, 2008 at 01:35:13AM +0100, Colin Watson wrote:
> On Tue, Aug 05, 2008 at 11:51:49AM -0300, Wouter Verhelst wrote:
> > Since a while, when running 'ssh-add -c' (which is supposed to make
> > ssh-agent ask the user for confirmation before allowing use of an ssh
> > key), ssh-add prints "SSH_AGENT_FAILURE" on a line by itself (without
> > explaining what the exact failure is). The result seems to be that
> > ssh-agent then does know the key and allows software to use it, but it
> > does not request user confirmation before giving out the secret key.
> 
> I can't reproduce this:
> 
>   <cjwatson@sarantium ~>$ ssh-add -c
>   Enter passphrase for /home/cjwatson/.ssh/id_rsa:
>   Identity added: /home/cjwatson/.ssh/id_rsa (/home/cjwatson/.ssh/id_rsa)
>   The user has to confirm each use of the key
> 
> Is it possible that you are not in fact using ssh-agent, but a different
> not-quite-compatible agent provided by something like seahorse? Have a
> look at what's behind $SSH_AUTH_SOCK.

Yes, that does appear to be the case; $SSH_AUTH_SOCK seems to be served
by gnome-agent. I apparently also can't get rid of it without removing
gdm.

Sigh. Why do the gnome people have to be so insane? Oh well.

-- 
<Lo-lan-do> Home is where you have to wash the dishes.
  -- #debian-devel, Freenode, 2004-09-22