You are not logged in.

Pages: 1

#1 2024-03-05 18:16:20

Re4mstr
Member
Registered: 2020-08-07
Posts: 5

[SOLVED] ssh-agent - Signing failed

Hello.

For a long time, I have been using my laptop and ssh keys to comfortably manage all my servers.
A couple of days ago, I suddenly get this error message when I try to ssh to all of my servers.

"Sign_and_send_pubkey: signing failed for ED25519 "/home/user/.ssh/id_ed25519" from agent: agent refused operation"

I almost never change anything on my laptop. I update, then ssh.
Either way, all my other computers set up the same way does NOT do this..

What I would like is to have this work as it always has:
I turn on my computer, "ssh server.domain", i enter my key-password, ssh connection accepted.

What has happened? How do I fix it?

Solution:

Affected by bug reported here:
[url]https://bugzilla.mindrot.org/show_bug.cgi?id=3572[/url]

Last edited by Re4mstr (2024-03-05 20:47:51)

Offline

#2 2024-03-05 18:21:55

seth
Member
Registered: 2012-09-03
Posts: 52,630

Re: [SOLVED] ssh-agent - Signing failed

https://bbs.archlinux.org/viewtopic.php … 6#p2154956 ?

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#3 2024-03-05 19:10:35

Re4mstr
Member
Registered: 2020-08-07
Posts: 5

Re: [SOLVED] ssh-agent - Signing failed

seth wrote:

Thank you for the reply.

I looked into it, but I don't think this is the root cause of my problem.

My openssh version is 9.6p1-3 on both my computers.

I ran "sshd -t" as instructed in the OpenSSH part of the Arch wiki, which produces an output:
"sshd: no hostkeys available -- exiting."

I see host keys in my /etc/ssh/ folder..

Not sure where to go from here..

Offline

#4 2024-03-05 19:15:48

seth
Member
Registered: 2012-09-03
Posts: 52,630

Re: [SOLVED] ssh-agent - Signing failed

Are you using gnome-keyring at all?

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#5 2024-03-05 19:27:14

Re4mstr
Member
Registered: 2020-08-07
Posts: 5

Re: [SOLVED] ssh-agent - Signing failed

seth wrote:

Are you using gnome-keyring at all?

I am not.

I install OpenSSH, enable the sshd service, change the /etc/ssh/sshd_config and that's it.

I do no changes other than generating my keys per client, and modifying "authorized_keys".

Offline

#6 2024-03-05 20:08:54

seth
Member
Registered: 2012-09-03
Posts: 52,630

Re: [SOLVED] ssh-agent - Signing failed

This isn't sshd, the problem is "/home/user/.ssh/id_ed25519" on the laptop (not specifically the key but its handling)

ls -lR ~/.ssh

and what's your ssh-agent on the client (the laptop)?
ssh-agent, gpg-agent, … https://wiki.archlinux.org/title/SSH_keys#SSH_agents (resp. https://wiki.archlinux.org/title/SSH_keys#GNOME_Keyring )

Last edited by seth (2024-03-05 20:30:22)

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#7 2024-03-05 20:23:47

Re4mstr
Member
Registered: 2020-08-07
Posts: 5

Re: [SOLVED] ssh-agent - Signing failed

seth wrote:

This isn't sshd, the problem is "/home/user/.ssh/id_ed25519" on the laptop (not specifically the key but its handling)

ls -lR ~/.ssh

and what's your ssh-agent on the client (the laptop)?
ssh-agent, gpg-agent, …https://wiki.archlinux.org/title/SSH_keys#SSH_agents (resp. https://wiki.archlinux.org/title/SSH_keys#GNOME_Keyring )

.rw-------   98 user 14 Jan 14:13 authorized_keys
.rw-------  464 user 14 Jan 13:52 id_ed25519
.rw-r--r--   99 user 14 Jan 13:52 id_ed25519.pub
.rw------- 2.2k user  5 Mar 16:27 known_hosts
.rw------- 1.2k user  5 Mar 16:25 known_hosts.old

I have never had to think about the agent. I have not installed anything related to ssh other than the openssh package, so my assumption is "ssh-agent".

Indeed, the last section in the link does seem to make ssh-ing act as it normally does:
"-o IdentityAgent=none".

I made the keys on my desktop the same type as my laptop, so I'm not 100% sure the bug is affecting me..

Offline

#8 2024-03-05 20:37:57

seth
Member
Registered: 2012-09-03
Posts: 52,630

Re: [SOLVED] ssh-agent - Signing failed

The key permissions are ok, you're most likely hitting the ed25519 bug, specifically if the workaround works.

Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#9 2024-03-05 20:46:12

Re4mstr
Member
Registered: 2020-08-07
Posts: 5

Re: [SOLVED] ssh-agent - Signing failed

seth wrote:

The key permissions are ok, you're most likely hitting the ed25519 bug, specifically if the workaround works.

Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

Alright.

Thank you for the assistance. Hopefully it is resolved and that my other computers won't be affected.

For reference:
https://bugzilla.mindrot.org/show_bug.cgi?id=3572

Offline

Pages: 1

Board footer

Powered by FluxBB