← Back to team overview

desktop-packages team mailing list archive

[Bug 201786] Re: ssh Agent admitted failure to sign using the key on big endian machines

 

Summary of problem (for me):

* ssh host     fails with "ssh Agent admitted failure"
* SSH_AUTH_SOCK= ssh host     works just fine
* Conclusion:  gnome-keyring can't deal with complex keys

WORKAROUND:

mv $SSH_AUTH_SOCK $SSH_AUTH_SOCK.broken
ssh-agent -a $SSH_AUTH_SOCK

This is a new instance of ssh-agent, so it won't have any keys in it
(despite what seahorse says, since that's tied to the .broken agent).
You'll have to add them via ssh-add.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/201786

Title:
  ssh Agent admitted failure to sign using the key on big endian
  machines

Status in Seahorse:
  Fix Released
Status in gnome-keyring package in Ubuntu:
  Triaged
Status in openssh package in Ubuntu:
  Confirmed

Bug description:
  on hardy (preserved home folder from feisty) i get the following when
  i try to ssh

  Agent admitted failure to sign using the key.
  Permission denied (publickey).

  or with verbose on

  sam@titania:~$ ssh -v oberon
  OpenSSH_4.7p1 Debian-4ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
  debug1: Reading configuration data /home/sam/.ssh/config
  debug1: Applying options for oberon
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Applying options for *
  debug1: Connecting to ###### [######] port ##.
  debug1: Connection established.
  debug1: identity file /home/sam/.ssh/identity type -1
  debug1: identity file /home/sam/.ssh/id_rsa type 1
  debug1: identity file /home/sam/.ssh/id_dsa type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6p1 Debian-5ubuntu0.1
  debug1: match: OpenSSH_4.6p1 Debian-5ubuntu0.1 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-4ubuntu1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-cbc hmac-md5 none
  debug1: kex: client->server aes128-cbc hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: using hostkeyalias: oberon
  debug1: Host 'oberon' is known and matches the RSA host key.
  debug1: Found key in /home/sam/.ssh/known_hosts:1
  debug1: ssh_rsa_verify: signature correct
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering public key: /home/sam/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 277
  Agent admitted failure to sign using the key.
  debug1: Trying private key: /home/sam/.ssh/identity
  debug1: Trying private key: /home/sam/.ssh/id_dsa
  debug1: No more authentication methods to try.
  Permission denied (publickey).

  I tried generating a new key. this worked for a few logons, but then i
  get back to this error.

  I think it is to do with the local key agent. i found that
   SSH_AUTH_SOCK=0 ssh oberon
  works fine.

To manage notifications about this bug go to:
https://bugs.launchpad.net/seahorse/+bug/201786/+subscriptions