Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Question about passphrases with protocol 1.
- Steven W. Orr
July 15, 2003, 2:13 pm
rate this thread
I just recently installed keychain (which I think is pretty cool).
I have two keys. The first is a DSA ssh2 key and the second is ssh1 RSA.
They both have the same non-null passphrase.
When I first log in (after a fresh reboot), my login runs ssh-agent and
then runs ssh-add. The problem is that both keys have the same passphrase
but I only get asked for one passphrase. This, even though it clearly
knows that it's loading two keys.
keychain ~/.ssh/id_dsa ~/.ssh/identity
. ~/.keychain/$(uname -n)-sh
I'm in the middle of reading the ssh book, but for the life of me, I can't
understand how it can ask me for one passphrase and yet both keys still
work. It is reproducible every time.
I posted this to the ssh list but no response.
Can someone explain this?
-Time flies like the wind. Fruit flies like a banana. Stranger things have -
-happened but none stranger than this. Does your driver's license say Organ
-Donor?Black holes are where God divided by zero. Listen to me! We are all-
-individuals! What if this weren't a hypothetical question?
steveo at syslang.net
Re: Question about passphrases with protocol 1.
SWO> I have two keys. The first is a DSA ssh2 key and the second is
SWO> ssh1 RSA. They both have the same non-null passphrase.
SWO> I'm in the middle of reading the ssh book, but for the life of
SWO> me, I can't understand how it can ask me for one passphrase and
SWO> yet both keys still work. It is reproducible every time.
% man ssh-add
ssh-add adds RSA or DSA identities to the authentication agent,
ssh-agent(1). When run without arguments, it adds the files
$HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. Alterna-
tive file names can be given on the command line. If any file requires a
passphrase, ssh-add asks for the passphrase from the user. The
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum