yubikey-agent: support ssh-add -D to close Yubikey transaction (#121)

Updates #109
FiloSottile · Mar 20, 2022 · 6d9db9c · 6d9db9c
1 parent 205a7ef
commit 6d9db9c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -106,10 +106,10 @@ Host *
 
 `yubikey-agent` takes a persistent transaction so the YubiKey will cache the PIN after first use. Unfortunately, this makes the YubiKey PIV and PGP applets unavailable to any other applications, like `gpg-agent` and Yubikey Manager. Our upstream [is investigating solutions to this annoyance](https://github.com/go-piv/piv-go/issues/47).
 
-If you need `yubikey-agent` to release its lock on the YubiKey, send it a hangup signal. Likewise, you might have to kill `gpg-agent` after use for it to release its own lock.
+If you need `yubikey-agent` to release its lock on the YubiKey, send it a hangup signal or use `ssh-add`'s "delete all identities" flag. Likewise, you might have to kill `gpg-agent` after use for it to release its own lock.
 
 ```
-killall -HUP yubikey-agent
+ssh-add -D
 ```
 
 This does not affect the FIDO2 functionality.

diff --git a/main.go b/main.go
@@ -183,7 +183,7 @@ func (a *Agent) Close() error {
 	a.mu.Lock()
 	defer a.mu.Unlock()
 	if a.yk != nil {
-		log.Println("Received SIGHUP, dropping YubiKey transaction...")
+		log.Println("Received HUP, dropping YubiKey transaction...")
 		err := a.yk.Close()
 		a.yk = nil
 		return err
@@ -336,7 +336,7 @@ func (a *Agent) Remove(key ssh.PublicKey) error {
 	return ErrOperationUnsupported
 }
 func (a *Agent) RemoveAll() error {
-	return ErrOperationUnsupported
+	return a.Close()
 }
 func (a *Agent) Lock(passphrase []byte) error {
 	return ErrOperationUnsupported