Ubuntu
libpam-ssh package

pam_ssh does not add key to agent in (K)Ubuntu 13.10

Bug #1247169 reported by Peter Mühlenpfordt
152
This bug affects 33 people
Affects Status Importance Assigned to Milestone
libpam-ssh (Ubuntu)
Confirmed
Low
Unassigned

Bug Description

After upgrading from Kubuntu 13.04 to 13.10 pam_ssh does not unlock ssh key at login any more.
The problem also exists on a fresh installation of Kubuntu 13.10 as well as Ubuntu 13.10.

Steps to reproduce:
Create ssh keypair (ssh-keygen -t dsa) with the same password as login password
Install libpam-ssh
Until 13.04 after next login the key is added to a running ssh-agent (listed with 'ssh-add -l'), since 13.10 you have to enter the keyfile password any time you want to login to remote machines.

OS Release: "Description: Ubuntu 13.10 / Release: 13.10"
libpam-ssh 1.98-2 (i386)

ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: libpam-ssh 1.98-2
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic i686
ApportVersion: 2.12.5-0ubuntu2
Architecture: i386
Date: Fri Nov 1 17:06:09 2013
InstallationDate: Installed on 2013-11-01 (0 days ago)
InstallationMedia: Kubuntu 13.10 "Saucy Salamander" - Release i386 (20131016.1)
MarkForUpload: True
SourcePackage: libpam-ssh
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Peter Mühlenpfordt (muehlenp) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libpam-ssh (Ubuntu):
status: New → Confirmed
Revision history for this message
Ionică Bizău (bizauionica) wrote :

Asked this after upgrading to 13.10 on askubunut:

http://askubuntu.com/q/362280/148451

Maybe my solution helps someone.

Revision history for this message
Peter Mühlenpfordt (muehlenp) wrote :

Sure, we can do this by hand - but that's what pam_ssh should do automatically...

Revision history for this message
joh6nn (joh6nn) wrote :

on 12.04 using libpam-ssh_1.92-14, pam is complaining of the following in /var/log/auth.log:

Dec 1 13:32:45 localhost kdm: PAM unable to dlopen(pam_ssh.so): /lib/security/pam_ssh.so: cannot open shared object file: No such file or directory
Dec 1 13:32:45 localhost kdm: PAM adding faulty module: pam_ssh.so

symlinking /usr/lib/pam_ssh.so to /lib/security/pam_ssh.so resolved this error for me, and allowed pam_ssh.so to once again add keys to the ssh-agent

Revision history for this message
Peter Mühlenpfordt (muehlenp) wrote :

That's a different (fixed) bug, see here: https://bugs.launchpad.net/ubuntu/+source/libpam-ssh/+bug/848050

Revision history for this message
Jonathan Marsaud (zic) wrote :

Any scheduled upgrade for this bug?
Thank you.

Alberto Salvia Novella (es20490446e)
Changed in libpam-ssh (Ubuntu):
importance: Undecided → Low
Revision history for this message
Roberto Tyley (roberto-tyley) wrote :

The importance of this bug should be higher than 'low', surely? It's verging on a security flaw when you have to retype you ssh passphrase every time you perform and ssh/git/scp operation - it's certainly a serious usability failing.

Revision history for this message
Daniel Jenkins (jeukel) wrote :

Just had to deal with this bug and resolved using:

https://askubuntu.com/questions/362280/enter-ssh-passphrase-once

Still, 2016 and keeps alive???

Revision history for this message
Daniel Jenkins (jeukel) wrote :

Nop. Just until next reboot.

Revision history for this message
Tyson Tan (tysontan) wrote :

I always encounter this bug on every Ubuntu released after its discovery. I have to use RSA key to SSH everyday and it annoys me to no end.

Comment 9 helped me to workaround this bug though. That's a start! -_-

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.