summaryrefslogtreecommitdiff
path: root/website/bugs/handle-passphrase-locked-secret-keys.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'website/bugs/handle-passphrase-locked-secret-keys.mdwn')
-rw-r--r--website/bugs/handle-passphrase-locked-secret-keys.mdwn6
1 files changed, 5 insertions, 1 deletions
diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
index ae5bf72..2df14eb 100644
--- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn
+++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
@@ -32,7 +32,7 @@ primary key, then something like the following script should actually
work for reasonable values of `$KEYID`:
TMPDIR=$(mktemp -d)
- uname 077
+ umask 077
mkfifo "$TMPDIR/passphrase"
kname="MonkeySphere Key $KEYID"
mkfifo "$TMPDIR/$kname"
@@ -50,6 +50,10 @@ so if we can get it incorporated into upstream (and/or into debian),
we have a possible solution, as long as the authentication key is a
subkey, and not a primary key.
+As of version 0.11-1, `monkeysphere subkey-to-ssh-agent` implements
+this particular strategy (and fails cleanly if the version of GnuTLS
+present doesn't support the GNU dummy S2K extension).
+
---------
Ben Laurie and Rachel Willmer's