bugzilla-daemon at mindrot.org
2022-Apr-25 09:04 UTC
[Bug 3426] New: get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426
Bug ID: 3426
Summary: get_agent_identities: ssh_fetch_identitylist:
communication with agent failed
Product: Portable OpenSSH
Version: 8.9p1
Hardware: ARM64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh-agent
Assignee: unassigned-bugs at mindrot.org
Reporter: puspuvuspu at vusra.com
Raspbery pi 4, Ubuntu Mate 22.04 lts.
The keys are stored in keepassxc, when the database is unlocked, they
are automatically added to ssh-agent. When authorizing by key, I get an
error in the log:
debug1: get_agent_identities: ssh_fetch_identitylist: communication
with agent failed
When you try again, write:
debug1: get_agent_identities: ssh_get_authentication_socket: Connection
refused
This problem manifests itself on the arm64 architecture, on x86_64 with
identical settings everything works without problems.
The problem appeared after updating to version 8.9p1, I tried to build
9.0p1 from the debian repository, but the error persists.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-26 14:41 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #1 from testing <puspuvuspu at vusra.com> --- Created attachment 3587 --> https://bugzilla.mindrot.org/attachment.cgi?id=3587&action=edit ssh_debug_log.txt -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 00:25 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Comment on attachment 3587
--> https://bugzilla.mindrot.org/attachment.cgi?id=3587
ssh_debug_log.txt
> debug2: get_agent_identities: ssh_agent_bind_hostkey: communication with
agent failed
It's possible that your agent is crashing or disconnecting after it
receives the SSH_AGENT_EXTENSION session-bind at openssh.com message. If
so, then the bug lies with the agent - it should ignore messages that
it does not understand rather than fail.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 00:53 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #3 from Damien Miller <djm at mindrot.org> --- FYI https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent-04#page-11 describes the expected behaviour of an agent when receiving unknown extension requests -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 02:31 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #4 from testing <puspuvuspu at vusra.com> --- And how to solve this problem? As far as I understand, after upgrading to 8.9p1, users of ArchLinux encountered similar behavior without keepassxc, I saw that they rolled back over to 8.8p1 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 02:39 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at dtucker.net
--- Comment #5 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to testing from comment #4)> And how to solve this problem?
Confirm that keepassxc is indeed crashing (eg by attaching an strace -p
or gdb to it then reproducing the problem) and if it crashes, report
the problem to the keepassxc folks.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 04:31 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #6 from testing <puspuvuspu at vusra.com> --- I have already communicated about this problem by keepassxc developers, they say that the problem is in ssh-agent -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 05:36 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #7 from Damien Miller <djm at mindrot.org> --- Do you have a link to a keepassxc bug or email thread on the subject? If they think the problem is in ssh-agent, the a debug log from the agent would be useful (-d flag). Depending on how your shell, desktop or keepassxc starts ssh-agent, it might be a little awkward though. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 05:38 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #8 from Darren Tucker <dtucker at dtucker.net> --- (In reply to testing from comment #6)> I have already communicated about this problem by keepassxc > developers, they say that the problem is in ssh-agentThe ssh logs seem to suggest otherwise. Attach an strace to both ssh-agent and keepassxc (strace -p [pid], you'll need to run that as root for at least ssh-agent and probably both) and see which one exits or stops listening when you reproduce the problem. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 06:30 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #9 from Darren Tucker <dtucker at dtucker.net> --- Looking at how keepassxc's integration works (https://keepassxc.org/docs/#faq-ssh-agent-how) it looks like it's just acts as a client to the agent not a proxy like I originally thought. The documentation says "and it acts as a client for an existing agent." which makes me wonder if you're using OpenSSH's ssh-agent or something else like the gpg-agent? Is that true on both systems? You can find out with something like: $ sudo lsof $SSH_AUTH_SOCK COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ssh-agent 2486 dtucker 3u unix 0xffffffc036ff5e80 0t0 3273328 /tmp/ssh-oDfYy0e9aQrN/agent.2486 type=STREAM -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 09:08 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426 --- Comment #10 from testing <puspuvuspu at vusra.com> --- Thanks for the help. As it turned out in Ubuntu, gnome-keyring is used and all problems are related to it. I even found a message about the problem in their git a month ago https://gitlab.gnome.org/gnome/gnome-keyring/-/issues/105 I just removed it and added to the ssh-agent autostart and everything worked. Thank you very much. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-27 11:43 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #11 from Darren Tucker <dtucker at dtucker.net> ---
You're welcome. I added the agent socket path to the debug output so
this kind of thing should be easier to spot in future.
https://github.com/openssh/openssh-portable/commit/0979e29356915261d69a9517a1e0aaade7c9fc75\
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 10:58 UTC
[Bug 3426] get_agent_identities: ssh_fetch_identitylist: communication with agent failed
https://bugzilla.mindrot.org/show_bug.cgi?id=3426
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #12 from Damien Miller <djm at mindrot.org> ---
Closing bugs from openssh-9.1 release cycle
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.