Automating pam_keyring...

Jonathan Underwood jonathan.underwood at gmail.com
Fri Jul 20 17:19:19 UTC 2007


On 20/07/07, Jonathan Underwood <jonathan.underwood at gmail.com> wrote:
> On 20/07/07, Bill Nottingham <notting at redhat.com> wrote:
> > Jonathan Underwood (jonathan.underwood at gmail.com) said:
> > > Warning: Your system is not configured to cache passphrases in secure
> > > memory.
> > >
> > > I suspect this is about keys being stored in memory that can be
> > > swapped out - I am not sure we have the infrastructure in place to do
> > > anything about that yet, though?
> >
> > Well, it's just using mlock(). Why is it getting that error, though - is
> > it trying to allocate more than the current default?
> >
>
> Am not sure how I would tell? I am seeing that message even though no
> PGP keys are cached, only an ssh one is. I am not sure if ssh-agent
> keeps keys in mlock'ed memory or not.
>

Yes, as I suspected looking at /proc/pid/status of the ssh-agent, I see:

VmLck:         0 kB

and so ssh-agent isn't using mlock'd memory, which is probably what
seahorse is grumbling about.

[As an aside, I wonder if that constitutes a security hole in ssh-agent].

J.
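
The check described in the message above, together with the limit Bill asks about, as an added example that is not part of the original post: it reads `VmLck` from `/proc/<pid>/status` and the soft "Max locked memory" limit from `/proc/<pid>/limits`. The function names, the file name and the sample text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: is a process holding mlock()ed memory, and what is its limit?

# Constructed sample input (not captured from a real system).
SAMPLE_STATUS='Name:   ssh-agent
VmLck:         0 kB
VmRSS:       912 kB'
SAMPLE_LIMITS='Limit                     Soft Limit           Hard Limit           Units
Max locked memory         32768                32768                bytes'

# vmlck_kb: /proc/<pid>/status text on stdin -> locked memory in kB.
# Fails (non-zero exit) if the kernel did not report a VmLck line.
vmlck_kb() {
    awk '$1 == "VmLck:" { print $2; found = 1 } END { exit !found }'
}

# memlock_soft: /proc/<pid>/limits text on stdin -> soft RLIMIT_MEMLOCK
# in bytes, or the word "unlimited".
memlock_soft() {
    awk '/^Max locked memory/ { print $4; found = 1 } END { exit !found }'
}

# verdict LOCKED_KB SOFT_LIMIT: classify what the two numbers mean.
verdict() {
    if [ "$1" -gt 0 ]; then
        echo locked                 # some pages are pinned in RAM
    elif [ "$2" = 0 ]; then
        echo unlocked-limit-zero    # mlock() needs CAP_IPC_LOCK here
    else
        echo unlocked               # nothing is locked right now
    fi
}

# report PID: run the checks against a live process.
report() {
    locked=$(vmlck_kb < "/proc/$1/status") || return 1
    limit=$(memlock_soft < "/proc/$1/limits") || limit=unknown
    echo "pid=$1 VmLck=${locked}kB memlock_soft=$limit $(verdict "$locked" "$limit")"
}

# Usage: sh vmlck.sh <pid>   (vmlck.sh is a hypothetical file name)
if [ $# -gt 0 ]; then report "$1"; fi
```

A `VmLck` of 0 only shows that nothing is locked at the moment of the read; whether those pages can reach disk also depends on how swap is configured on the host.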



