pam_ssh does not add key to agent in (K)Ubuntu 13.10

Bug #1247169 reported by Peter Mühlenpfordt on 2013-11-01
152
This bug affects 33 people
Affects Status Importance Assigned to Milestone
libpam-ssh (Ubuntu)
Low
Unassigned

Bug Description

After upgrading from Kubuntu 13.04 to 13.10 pam_ssh does not unlock ssh key at login any more.
The problem also exists on a fresh installation of Kubuntu 13.10 as well as Ubuntu 13.10.

Steps to reproduce:
Create ssh keypair (ssh-keygen -t dsa) with the same password as login password
Install libpam-ssh
Until 13.04 after next login the key is added to a running ssh-agent (listed with 'ssh-add -l'), since 13.10 you have to enter the keyfile password any time you want to login to remote machines.

OS Release: "Description: Ubuntu 13.10 / Release: 13.10"
libpam-ssh 1.98-2 (i386)

ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: libpam-ssh 1.98-2
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic i686
ApportVersion: 2.12.5-0ubuntu2
Architecture: i386
Date: Fri Nov 1 17:06:09 2013
InstallationDate: Installed on 2013-11-01 (0 days ago)
InstallationMedia: Kubuntu 13.10 "Saucy Salamander" - Release i386 (20131016.1)
MarkForUpload: True
SourcePackage: libpam-ssh
UpgradeStatus: No upgrade log present (probably fresh install)

Peter Mühlenpfordt (muehlenp) wrote :
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libpam-ssh (Ubuntu):
status: New → Confirmed
Ionică Bizău (bizauionica) wrote :

Asked this after upgrading to 13.10 on askubunut:

http://askubuntu.com/q/362280/148451

Maybe my solution helps someone.

Peter Mühlenpfordt (muehlenp) wrote :

Sure, we can do this by hand - but that's what pam_ssh should do automatically...

joh6nn (joh6nn) wrote :

on 12.04 using libpam-ssh_1.92-14, pam is complaining of the following in /var/log/auth.log:

Dec 1 13:32:45 localhost kdm: PAM unable to dlopen(pam_ssh.so): /lib/security/pam_ssh.so: cannot open shared object file: No such file or directory
Dec 1 13:32:45 localhost kdm: PAM adding faulty module: pam_ssh.so

symlinking /usr/lib/pam_ssh.so to /lib/security/pam_ssh.so resolved this error for me, and allowed pam_ssh.so to once again add keys to the ssh-agent

Peter Mühlenpfordt (muehlenp) wrote :
Jonathan Marsaud (zic) wrote :

Any scheduled upgrade for this bug?
Thank you.

Changed in libpam-ssh (Ubuntu):
importance: Undecided → Low
Roberto Tyley (roberto-tyley) wrote :

The importance of this bug should be higher than 'low', surely? It's verging on a security flaw when you have to retype you ssh passphrase every time you perform and ssh/git/scp operation - it's certainly a serious usability failing.

Daniel Jenkins (jeukel) wrote :

Just had to deal with this bug and resolved using:

https://askubuntu.com/questions/362280/enter-ssh-passphrase-once

Still, 2016 and keeps alive???

Daniel Jenkins (jeukel) wrote :

Nop. Just until next reboot.

Tyson Tan (tysontan) wrote :

I always encounter this bug on every Ubuntu released after its discovery. I have to use RSA key to SSH everyday and it annoys me to no end.

Comment 9 helped me to workaround this bug though. That's a start! -_-

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers