key is removed from sshagent upon closing keepassxc #2980
Comments
|
This seems to have been the behavior even in 2.3.4. When SSHAgent was destructed it went through each key and removed the identity from the agent. keepassxc/src/sshagent/SSHAgent.cpp Lines 38 to 45 in 6fe821c I personally think this is the appropriate behavior. |
|
I just reinstalled v2.3.4 and performed the steps to reproduce listed. After closing KeePassXC, the keys are still in the agent. |
|
Yes that is my thought as well. The problem with leaving the keys in place when KeePassXC is explicitly shutdown is that we are not cleaning up after ourselves. Perhaps there can be an additional setting of "Keep key in agent after KeePassXC shutdown" which would be available if the "Keep key in agent after database lock" is enabled. |
KeePassXC 2.4.0 removes keys from the ssh agent even if those keys were added to the agent before KeePassXC was started. |
|
Browsing the source, it appears as if in 2.3.4 m_keys was being populated only for keys with the option "remove at lock". For 2.4.0 m_addedKeys is being populated also in addIdentity. See #2503 keepassxc/src/sshagent/SSHAgent.cpp Line 216 in 62dc4f4 |
|
If the remove-on-lock option is not set KeePassXC should not remove a key from the agent, even on exit. The user may want to just add keys the first time they open a database and leave them there, that's why remove-on-lock is an option. @PF93mc8y7erq92qTmTjJBysALa correctly identified |
* Restores behavior in 2.3.4 * Fixes #2980
|
WABAM, your wish is my command |
* Don't remove keys on app exit that would not be removed due to database locking. * Restores behavior from 2.3.4 * Fixes #2980
|
@droidmonkey |
Unlike with the previous version, keys are removed from the ssh agent upon closing KeePassXC.
At first glance, it seemed the setting "Remove key from agent when database is closed/locked" although unchecked, was being ignored when closing the database by closing KeePassXC itself.
Expected Behavior
I expect the key to still be available in the agent after closing the database and KeePassXC 2.4.0, as was the case with KeePassXC 2.3.4.
Current Behavior
Current settings are as follows:
The key remains in the agent after closing the database but not after closing KeePassXC. From what I recall, the key remained in the agent when using KeePassXC 2.3.4 after closing KeePassXC.
Possible Solution
Perhaps I was relying on an undefined/undocumented feature when using the previous version.
Steps to Reproduce
$ ssh-add -D)$ ssh-add -l)$ ssh-add -l)$ ssh-add -l)Context
My workflow previously had been to open the database with KeePassXC to add several keys to the ssh agent. This was followed by closing KeePassXC, opening later if/when needed (for other credentials).
My current workaround is to keep KeePassXC, locking and unlocking the database as needed, so that the keys stay in the ssh agent.
Before creating this issue report I searched for already reported issues and came across the following, which seemed related:
#2902
Debug Info
KeePassXC - Version 2.4.0
Revision: c51752d
Libraries:
Operating system: macOS Mojave (10.14)
CPU architecture: x86_64
Kernel: darwin 18.5.0
Enabled extensions:
The text was updated successfully, but these errors were encountered: