Hi, Am 23.08.2016 um 10:36 schrieb Peter Lebbing: > If I'm mistaken, I'd like to know. But I suspect the system was > correctly designed to thwart such a thing.
I'm pretty sure you are right, so this is not my concern. > So I don't think there is a need to ensure the correct key is used. However, it is annoying to be prompted for passphrases for each key in the keyring. This is even true for cases in which the public key of my smartcard is the first and only entry in authorized_keys on a SSH server. ssh-add -L lists the public key of my smartcard also first in the first place, so I'm not sure why I always get asked for other keys. On the other hand I do not want to have keys lying around unencrypted on disk. I could possibly get away with making a configuration using the Identity* directives from ssh_config(5), but this seems to be a PITA. Is it somehow possible for gpg-agent to _NOT_ ask for passphrases it does not need, e.g. to enforce that the smartcard is tried first for authentication? Best regards, Karol Babioch
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
