the2nd at otpme.org
2015-Nov-30 14:52 UTC
Problem with gpg-agent and yubikey since openssh v6.8p1
Hi Damien, thanks for you answer. Here is the output of ssh -vvv for both versions: http://paste.ubuntu.com/13576087/ http://paste.ubuntu.com/13576243/ If you need any more info let me know. Regards the2nd On 2015-11-29 12:14, Damien Miller wrote:> On Tue, 24 Nov 2015, the2nd at otpme.org wrote: > >> Hi, >> >> i'm unsure if the problem we encounter is a bug in openssh or in >> gnupg. But as >> everything was working with openssh 6.7p1 and earlier i guess that >> there where >> at least some changes in openssh that leads to the problem. >> >> You can read the latest discussion about the problem here: >> >> https://www.mail-archive.com/gnupg-users%40gnupg.org/msg29421.html >> https://www.mail-archive.com/gnupg-users at gnupg.org/msg28416.html >> >> I hope to get some help on this list as its an very annoying problem >> and using >> an old openssh version is just a bad workaround. >> >> If you need any more information or help debugging i'm glad to help. > > At the very least, we'd need the output of "ssh -vvv user at host" for a > failing attempt. > > -d
Damien Miller
2015-Nov-30 22:42 UTC
Problem with gpg-agent and yubikey since openssh v6.8p1
On Mon, 30 Nov 2015, the2nd at otpme.org wrote:> Hi Damien, > > thanks for you answer. > > Here is the output of ssh -vvv for both versions: > > http://paste.ubuntu.com/13576087/ > http://paste.ubuntu.com/13576243/In http://paste.ubuntu.com/13576087/ the key no longer appears in the agent after the token is removed and re-inserted. If you aren't using OpenSSH's ssh-agent then you should ask whomever wrote your agent. -d
the2nd at otpme.org
2015-Nov-30 23:13 UTC
Problem with gpg-agent and yubikey since openssh v6.8p1
Like written in my initial mail the agent is from gnupg. The reason why i was asking on this list is that the problem is reproducible with any openssh version newer than 6.7p1. So it seems like anything changed in openssh 6.8p1 that leads to this problem. I've also asked on the gnupg list (see the links in my first mail) and there are others that experience this issue but i got no answer from the devs yet. I'll try it again on the gnupg list if you cannot help. i just thought that there might be a chance that there where some changes in openssh between the two versions and someone on this list can help or at least can give any hint in the right direction. regards the2nd On 2015-11-30 23:42, Damien Miller wrote:> On Mon, 30 Nov 2015, the2nd at otpme.org wrote: > >> Hi Damien, >> >> thanks for you answer. >> >> Here is the output of ssh -vvv for both versions: >> >> http://paste.ubuntu.com/13576087/ >> http://paste.ubuntu.com/13576243/ > > In http://paste.ubuntu.com/13576087/ the key no longer appears in the > agent after the token is removed and re-inserted. > > If you aren't using OpenSSH's ssh-agent then you should ask whomever > wrote your agent. > > -d