ok, so the problem is with whatever ssh-agent that Debian is using (probably seahorse-agent). They aren't using the OpenSSH one.
The problem is not with OpenSSH's ssh-add - it just sends the "delete all keys" message (specified in [1]) and trusts that the agent does the right thing. OpenSSH's certainly does.
I suggest that you follow up with the developers of seahorse-agent - this is a significant security bug as it could leave keys exposed when the user thought they deleted them.
ok, so the problem is with whatever ssh-agent that Debian is using (probably seahorse-agent). They aren't using the OpenSSH one.
The problem is not with OpenSSH's ssh-add - it just sends the "delete all keys" message (specified in [1]) and trusts that the agent does the right thing. OpenSSH's certainly does.
I suggest that you follow up with the developers of seahorse-agent - this is a significant security bug as it could leave keys exposed when the user thought they deleted them.
[1] http:// www.openbsd. org/cgi- bin/cvsweb/ ~checkout~ /src/usr. bin/ssh/ PROTOCOL. agent?rev= HEAD