openssh bugs - Nov 2012 - [Bug 2046] New: ssh-add -d does not drop certificate

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

          Priority: P5
            Bug ID: 2046
          Assignee: unassigned-bugs at mindrot.org
           Summary: ssh-add -d does not drop certificate
          Severity: trivial
    Classification: Unclassified
                OS: Linux
          Reporter: ondrej at caletka.cz
          Hardware: All
            Status: NEW
           Version: 6.1p1
         Component: ssh-add
           Product: Portable OpenSSH

When using ssh-add -d to drop keys previously learned by invoking
ssh-add without arguments, only raw key is dropped even if there is
also a certificate in ~/.ssh/id_rsa-cert.pub.

As I see the purpose of -d switch is to undo previous ssh-add command,
I think the correct behaviour is to drop the certificate as well.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
           Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
   Attachment #2193|                            |ok?(dtucker at zip.com.au)
              Flags|                            |

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 2193
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2193&action=edit
Make ssh-add -d remove certificate too

Right.

It is possible to remove a cert by explicitly listing its *-cert.pub
file, but this isn't symmetric with ssh-add's behaviour and is
therefore not what users would reasonably expect.

This patch makes ssh-add -d remove both the plain key and the
corresponding certificate. It also makes -d respect the recently-added
-k option to allow selectively removing just the key.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |2035

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Applied - this will be in openssh-6.2, due early next year

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
mark bugs closed by openssh-6.2 release as CLOSED

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2046

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2193|ok?(dtucker at dtucker.net)    |
              Flags|                            |

-- 
You are receiving this mail because:
You are watching the assignee of the bug.