
agent checking problem - any help would be fantastic!

Subject: agent checking problem - any help would be fantastic!
Date: Sat, 27 Nov 2004 07:05:26 +0000
Hello all!

Can anyone help me with agent checking for ssh please? I am getting the following error when trying to connect to a host:

Agent admitted failure to sign using the key.

Here's some relevant foo in case it helps:
#ssh -V
OpenSSH_3.6.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f

I am running FreeBSD 4.10 stable.

I have set the environment variable SSH_ASKPASS and then load X by running #ssh-agent startx

Then within X I start an xterm, then type #ssh-add -c /home/user/.ssh/id_dsa
Enter passphrase for /home/user/.ssh/id_dsa:
Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa)
The user has to confirm each use of the key
#

I verified that my key got added to the agent with #ssh-add -l which reported the presence of my key. Also, typing #set shows me these relevant environment variables:

DISPLAY=:0.0
SSH_AGENT_PID=2392
SSH_ASKPASS=/home/user/bin/ask.sh
SSH_AUTH_SOCK=/tmp/ssh-BxqWFUrB/agent.2391

All good so far, I think. Right, now I need to connect to a host. This host in question already has my public DSA key installed correctly and I have used this successfully before attempting to set up agent checking. When I connect, I also forward my agent because I need that functionality :) Again, I have used agent forwarding successfully before attempting agent checking.

#ssh -A user@remotehost
Agent admitted failure to sign using the key.
Enter passphrase for key '/home/user/.ssh/id_dsa':

Now, why is it failing and falling back to asking me for my passphrase, which is already added to my agent? If I retype my passphrase at the prompt, it will allow me to connect to the machine, but it doesn't forward my key correctly, which stops me doing what I wanted to do, and obviously the point of running an agent is that you don't have to keep re-typing your passphrase.

It doesn't appear to get anywhere near the SSH_ASKPASS script which I can confirm runs if called manually from a terminal.

Any help would be appreciated. Cheers!


Johnny

-- destroy all humans!

  • agent checking problem - any help would be fantastic!, john huss <=