GNOME Bugzilla – Bug 544554
ssh agent doesn't work correctly
Last modified: 2008-08-08 09:30:14 UTC
using the current svn version: - use "ssh someserver" on a commandline - get a passphrase prompt, enter your passphrase - the commandline fails to connect and gives this error "Agent admitted failure to sign using the key. Permission denied (publickey)." connecting to the same server works correctly when using gnome-keyring 2.22
I get this as well.
This should fix the problem. Please re-open the bug if that's not the case. Sorry for the confusion. 2008-07-25 Stef Walter <stef@memberwebs.com> * daemon/pk/gkr-pk-import.c: * daemon/pk/gkr-pk-index.c: * daemon/pk/gkr-pk-index.h: * daemon/pk/gkr-pk-object.c: * daemon/pk/gkr-pk-root-storage.c: * daemon/pk/gkr-pk-storage.c: * daemon/ssh/gkr-ssh-storage.c: * daemon/ui/gkr-ask-daemon.c: Fix problems using SSH and other PK related stuff when index unlock is denied by the user. We should default to a session index.
Sorry, no. I just checked out svn head and built/installed it, and I still get the problem. Any idea how to debug this further?
Could you describe the steps you're using exactly? Are there messages in /var/log/auth.log from gnome-keyring-daemon?
*** Bug 545298 has been marked as a duplicate of this bug. ***
the steps to trigger the bug: - log into GNOME - open a command line - type "ssh server" - get a passphrase prompt dialog - enter the correct passphrase there - read the error on the command line auth.log gets a "gnome-keyring-daemon[10948]: couldn't get private signing key" error when the passphrase in entered
note that the gnome-keyring-daemon prints a "could not grab keyboard", not sure if that can be revelant there
Wow. I'm really lost here. Sorry guys. I've tried all sorts of scenarios and it seems to work correctly for me. I know that at one point the SSH functionality was completely broken, but I just can't duplicate this problem. What does ssh-add -L output?
ssh-add -L lists ssh-dss ssh-rsa lines
Created attachment 115754 [details] [review] Adds tracing to loading of SSH key Could you build SVN trunk with this patch and post the output?
the debug log: loading SSH private key at: HOME:/.ssh/id_rsa saw PEM block: RSA PRIVATE KEY dekinfo: NUMBER skipping loading of wrong key loading SSH private key at: HOME:/.ssh/id_dsa saw PEM block: DSA PRIVATE KEY dekinfo: OTHERNUMBER skipping loading of wrong key loading SSH private key at: HOME:/.ssh/id_dsa.keystore loading SSH private key at: HOME:/.ssh/id_rsa.keystore loading location: HOME:/.ssh/id_rsa loading SSH private key at: HOME:/.ssh/id_rsa saw PEM block: RSA PRIVATE KEY dekinfo: NUMBER couldn't get private signing key
do you need any other informations? there is some GNOME hackers who are asking about daily on IRC now and I've to admit that having to type an ssh passphrase for every svn commit or changelog update is quite annoying
Hmmm, I think I've found something. This heisenbug seems to manifest itself when gnome-keyring isn't built in debug mode. Small related fix, but doesn't seem to actually resolve the problem: 2008-08-07 Stef Walter <stef@memberwebs.com> * daemon/ssh/gkr-ssh-storage.c: Fix problem with result comparison. Related to #544554
I'm hope this does the trick. LMK if not. Thanks for the help and persistence in finding this problem. 2008-08-07 Stef Walter <stef@memberwebs.com> * daemon/pk/gkr-pk-storage.c: Fix problem with unititialized variable in prompting for password. Fixes bug #544554.
Rocking, I applied that patch (r1228 in svn) to 2.23.6, and it works perfectly again. Thank you!
confirmed here too, the change fixes the issue, thank you for your work on this bug!