SSH_ASKPASS variable no longer utilised from bashrc

This was working fine in fed 28, not working in fed 29

gnome-session is started via ssh-agent in


exec -l $SHELL -c "$SSH_AGENT gnome-session"

To prevent ssh agent hijacking I intend to use ssh-add -c, like:

ssh-add -c id_rsa

the goal is to make sure that there is a dialog which always asks for confirmation. However, when I do this and try to ssh somewhere, it says:

sign_and_send_pubkey: signing failed: agent refused operation

and then asks for password. If I run

ssh-add id_rsa

then ssh-ing works again. How could I ensure that there is a confirmation for agent forwarding?

------------------------------------- UPDATE ----------------------------------------
I have determined that the above is not working because my SSH_ASKPASS variable is no longer utilised from .bashrc. The SSH_ASKPASS is linked to a simple zenity script, as per the ssh-add man page, with successful confirmation being signaled by a zero.

I would appreciate if anyone can advise me on where SSH_ASKPASS variable should be set when starting ssh-agent from Xclients file. As it stands ssh-agent defaults to /usr/libexec/openssh/ssh-askpass which is the binary from the openssh-askpass program, whether openssh-askpass is installed or not.