Ubuntu
openssh package

[Jaunty/amd64] Agent admitted failure to sign using the key.

Bug #328445 reported by Matt Zimmerman
34
This bug affects 6 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Confirmed
High
Unassigned

Bug Description

Symptoms are similar to bug 201786, but as advised in that bug by Sebastien, I'm filing this separately.

I'm unable to use public key authentication while the agent is running, even if I specify a key with the -i option.

perseus:[~] ssh -i .ssh/a_keyfile some_host
Agent admitted failure to sign using the key.
Agent admitted failure to sign using the key.
Agent admitted failure to sign using the key.
Password:

ssh-add -l shows some keys in the agent, but they're unusable. This started happening in the past day or two, probably since a recent reboot (and thus new agent).

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
Package: openssh-client 1:5.1p1-5ubuntu1
ProcEnviron:
 LC_COLLATE=C
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/zsh
SourcePackage: openssh
Uname: Linux 2.6.28-7-generic x86_64

Tags: apport-bug
Revision history for this message
Matt Zimmerman (mdz) wrote :
Revision history for this message
Soren Hansen (soren) wrote :

Which agent, exactly? ssh-agent, gpg-agent (which under some circumstances also provides an SSH agent) or seahorse?

Changed in openssh:
status: New → Incomplete
Revision history for this message
Matt Zimmerman (mdz) wrote : Re: [Bug 328445] Re: [Jaunty/amd64] Agent admitted failure to sign using the key.

On Thu, Feb 12, 2009 at 10:57:28AM -0000, Soren Hansen wrote:
> Which agent, exactly? ssh-agent, gpg-agent (which under some
> circumstances also provides an SSH agent) or seahorse?

perseus:[~] ps u $SSH_AGENT_PID
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
mdz 4089 0.0 0.0 35936 688 ? Ss 10:04 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --e

--
 - mdz

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Thanks for opening the new bug. I'm marking confirmed, and high.

I found that I could create a new key, and happily use that new keypair for public key authentication until I rebooted. Once I reboot, it's almost like that key is "blacklisted", and no longer usable per the error message in the title of the bug.

I get the same issue with programs: ssh, scp, rsync, putty. Like Matt, I'm running ssh-agent.

:-Dustin

:-Dustin

Changed in openssh:
importance: Undecided → High
status: Incomplete → Confirmed
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Downgrading to openssh-client_5.1p1-3ubuntu1_amd64.deb solves the problem for me.

Looking at the changelog, I see that openssh-blacklist and openssh-blacklist-extra were dropped to suggests, and are not currently installed on my system. Perhaps this is causing the problem?

:-Dustin

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Tried installing openssh-blacklist and openssh-blacklist-extra; does not solve the problem.

:-Dustin

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

I note that when I'm having this problem:
SSH_AUTH_SOCK=/tmp/keyring-9rqJvO/socket.ssh

I can workaround (solve?) this problem by:
export SSH_AUTH_SOCK=/tmp/ssh-ilNHaf4279/agent.4279

:-Dustin

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Actually, I can set SSH_AUTH_SOCK to anything (adsfasdfasdfasdf), or unset it.

I'm going to mark this bug a duplicate of Bug #328127.

:-Dustin

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.