mpeter50
commented
8 months ago As a sidenote, process identity (path, PID) could also be good to be aware of, but I doubt that could be reliably obtained.
Open mpeter50 opened 8 months ago
mpeter50
commented
8 months ago As a sidenote, process identity (path, PID) could also be good to be aware of, but I doubt that could be reliably obtained.
KeeAgent's confirmation dialog currently only shows the key's comment and its fingerprint when an ssh client wants to use it. I think this way it is often not easy to recognize which key was requested to be used.
Usually the key's comment is just the default username@hostname for the user and machine where the key was generated, and there are usually several keys with the same comment if the user has keys for multiple remote systems. I could change the comment and that would be a solution to this problem, but I think this comment is useful to keep this way, because on the remote system it is meaningful, and additional details wouldn't be so. However, ssh-keygen prompts for the filename by default, and I have found that way to be a natural way to name my keys for their purpose. Other than that, it is also easier to update the key's name in the title of the KeePass entry, compared to exporting the attachment, changing its comment and reimporting it, or finding the referenced external file and changing it there.
For this reason, I think it would be useful if among the currently shown information the confirmation window would display these:
With the above 2 or 3 details included, it would be easier to recognize the requested key and decide on whether I want to allow its use.