On 27-11-2018, at 13h 33'55", Ionel Mugurel Ciobîcă wrote about "issues with stretch, part 1 of many" > > > Dear all, > > I have many issues with stretch which I cannot figure it out. I will > post one at the time, to keep it clear and simple. > > I use Debian since 1997. I never had an issue with any release, except > stretch. I installed fresh using net install disk. The install went OK > (except I was forced to chose a wrong timezone (I was not asked about > the continent), but that I fix after installation). > > The first question I want to ask relates to ssh, ssh-ask and > ssh-agent. When I ssh to another computer I am asked "Allow use of key > id_rsa? Key fingerprint ..." If I uninstall all ssh-ask programs I > simply can't use the ssh-agent anymore and I am prompted for password. > I try ssh-ask, ssh-ask-fullscreen, ssh-ask-gnome and the similar from > kde. I check the /etc/ssh/ssh_config and /etc/ssh/sshd_config for > anything that may relate to this. The only think coming close are: > UsePAM yes > ChallengeResponseAuthentication no > > Is there something I overlook? > > To be clear, I do not want to be asked if I allow the use of a key, I > just want this to be assumed yes, as it was the case in the past. > > So, I run Linux 4.9.0-8-amd64, Debian 9u6. ssh is openssh_7.4p1, > openssl 1.0.2l ssh-agent is started in $HOME/.xsessionrc as: > eval `ssh-agent -s` >
A hint of the followup questions already is given by the ssh-agent the first time when the passphrase is introduced, by announcing: "Enter passphrase for id_rsa (will confirm each use):". I do not want to confirm each usage. My .xsession(rc) contains many calls of "xterm -e ssh ..." using -geometry to position the xterms, and all of those "allow use of key..." questions agglomerates on the same place, one on top of each other. I do not understand conceptually why this would be desired (to be asked again and again). The point of ssh-agent was to make it simpler, not more complicated. If I want to be asked, I will not use the agent, so I can input password when connecting... Kind regards, Ionel
