Ubuntu

[Jaunty/amd64] Agent admitted failure to sign using the key.

Reported by Matt Zimmerman on 2009-02-12
34
This bug affects 6 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
High
Unassigned

Bug Description

Symptoms are similar to bug 201786, but as advised in that bug by Sebastien, I'm filing this separately.

I'm unable to use public key authentication while the agent is running, even if I specify a key with the -i option.

perseus:[~] ssh -i .ssh/a_keyfile some_host
Agent admitted failure to sign using the key.
Agent admitted failure to sign using the key.
Agent admitted failure to sign using the key.
Password:

ssh-add -l shows some keys in the agent, but they're unusable. This started happening in the past day or two, probably since a recent reboot (and thus new agent).

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
Package: openssh-client 1:5.1p1-5ubuntu1
ProcEnviron:
 LC_COLLATE=C
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/zsh
SourcePackage: openssh
Uname: Linux 2.6.28-7-generic x86_64

Matt Zimmerman (mdz) wrote :
Soren Hansen (soren) wrote :

Which agent, exactly? ssh-agent, gpg-agent (which under some circumstances also provides an SSH agent) or seahorse?

Changed in openssh:
status: New → Incomplete

On Thu, Feb 12, 2009 at 10:57:28AM -0000, Soren Hansen wrote:
> Which agent, exactly? ssh-agent, gpg-agent (which under some
> circumstances also provides an SSH agent) or seahorse?

perseus:[~] ps u $SSH_AGENT_PID
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
mdz 4089 0.0 0.0 35936 688 ? Ss 10:04 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --e

--
 - mdz

Dustin Kirkland  (kirkland) wrote :

Thanks for opening the new bug. I'm marking confirmed, and high.

I found that I could create a new key, and happily use that new keypair for public key authentication until I rebooted. Once I reboot, it's almost like that key is "blacklisted", and no longer usable per the error message in the title of the bug.

I get the same issue with programs: ssh, scp, rsync, putty. Like Matt, I'm running ssh-agent.

:-Dustin

:-Dustin

Changed in openssh:
importance: Undecided → High
status: Incomplete → Confirmed
Dustin Kirkland  (kirkland) wrote :

Downgrading to openssh-client_5.1p1-3ubuntu1_amd64.deb solves the problem for me.

Looking at the changelog, I see that openssh-blacklist and openssh-blacklist-extra were dropped to suggests, and are not currently installed on my system. Perhaps this is causing the problem?

:-Dustin

Dustin Kirkland  (kirkland) wrote :

Tried installing openssh-blacklist and openssh-blacklist-extra; does not solve the problem.

:-Dustin

Dustin Kirkland  (kirkland) wrote :

I note that when I'm having this problem:
SSH_AUTH_SOCK=/tmp/keyring-9rqJvO/socket.ssh

I can workaround (solve?) this problem by:
export SSH_AUTH_SOCK=/tmp/ssh-ilNHaf4279/agent.4279

:-Dustin

Dustin Kirkland  (kirkland) wrote :

Actually, I can set SSH_AUTH_SOCK to anything (adsfasdfasdfasdf), or unset it.

I'm going to mark this bug a duplicate of Bug #328127.

:-Dustin

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers