similar to: ssh-agent and protocol 2 ...

Hi -- I saw an email on December 26th in the openssh-unix-dev mailing list archived on MARC, indicating that agent forwarding is indeed not working for 2.2, but that it is working for 2.3. That email referred to a user with 2.3 clients and 2.2 server. I am running the 2.3 client AND server and am having a similar problem. The only unusual aspect of my installation is that I'm using port 24

Hi all, i'm trying to figure out if i'm being silly or if there is a genuine problem. Running on the notorious Redhat 7, 2.2.16-22 #1, X86. [user at host]$ ssh-agent -s SSH_AUTH_SOCK=/tmp/ssh-XXYFcFR6/agent.2101; export SSH_AUTH_SOCK; SSH_AGENT_PID=2102; export SSH_AGENT_PID; echo Agent pid 2102; [user at host]$ echo $SSH_AUTH_SOCK [user at host]$ echo $SSH_AGENT_PID [user at host]$

Hi After logging in to a remote server with ForwardAgent enabled, sshd on the remote server creates a socket at /tmp/ and permission is 0755/srwxr-xr-x. What is the reason to allow everyone to read this socket? Also, is it better to save this socket in /home/user/.ssh/? Best Regards ----------------------- Tran Dung

I'm having a path problem with OpenSSH 2.5.1p1 in Solaris (7). When ssh-agent is run, environment variables aren't being passed to the spawned shell. sol# env | wc -l 23 sol# env | grep -i ssh SSH_CLIENT=10.0.1.146 1047 22 SSH_TTY=/dev/pts/0 sol# sol# ssh-agent sh sol# env | wc -l 1 sol# env SSH_AGENT_PID=12032 sol# If I

https://bugzilla.mindrot.org/show_bug.cgi?id=1937 Bug #: 1937 Summary: Make it possible to give a give an ssh session only access to a limit subset of ssh-agent keys Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity:

On Fri, Sep 18, 2015 at 10:58 PM, ?ngel Gonz?lez <keisial at gmail.com> wrote: > On 18/09/15 15:47, Fabiano Fid?ncio wrote: >> >> Howdy! >> >> I've been working on a prototype that allows to do ssh-agent forward >> between a guest, using SPICE, and a spice client >> (remote-viewer/virt-viewer/spicy) >> The whole idea is to have something

It appears there is an opportunity for a denial-of-service attack against ssh-agent when using ForwardAgent. This note describes the circumstances, and provides a patch. Background (not the vulnerability): If ssh-agent is forwarded to a compromised account, a remote attacker could use the connection to authenticate as the owner of the agent. "ssh-add -c" currently defends

http://bugzilla.mindrot.org/show_bug.cgi?id=500 ------- Additional Comments From djm at mindrot.org 2003-02-24 12:43 ------- I think that: [ -z "$SSH_AUTH_SOCK" ] && eval `ssh-agent -s` [ -z "$SSH_AGENT_PID" ] || ssh-add -l >/dev/null 2>&1 || ssh-add Is as effective and a lot more concise. On the other hand, fragile heuristics like: > export

Hi all, Thanks for all your hard work! I was particularly excited to see FIDO/U2F support in the latest release. I'd like to make the following bug report in ssh-agent's PKCS#11 support: Steps to reproduce: 1. Configure a smart card (e.g. Yubikey in PIV mode) as an SSH key. 2. Add that key to ssh-agent. 3. Remove that key from ssh-agent. 4. Add that key to ssh-agent. Expected results:

Trying to get SSH agent forwarding working for a popular open source configuration management system called Ansible. I?ve had some unexpected behaviour, the only cause of which I can find is how I express the command line arguments. http://stackoverflow.com/questions/20952689/vagrant-ssh-agent-forwarding-how-is-it-working?noredirect=1#comment31511341_20952689 In summarise: In the first

https://bugzilla.mindrot.org/show_bug.cgi?id=2621 Bug ID: 2621 Summary: ControlMaster started by scp (non-ssh?) doesn't forward agent Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Miscellaneous

https://bugzilla.mindrot.org/show_bug.cgi?id=2066 Bug ID: 2066 Summary: ssh tries the keys proposed by the agent before those passed with -i Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Hardware: All OS: Linux Status: NEW Severity: normal

On 13.01.16 10:27, Richard W.M. Jones wrote: > On Wed, Jan 13, 2016 at 09:55:53AM +0200, Shahar Havivi wrote: > > Hi, > > > > I am successfully importing VM from Xen server at oVirt project via virt-v2v. > > I am setting ssh-agent and running ssh-add before the import process, > > after the import done I am trying to kill the agent via: > > ssh-agent -k (and

Folks, MacOSX 10.6.x (Snow Leopard) runs { ssh-agent -l }; that's not an s/ssh-add/ssh-agent/ typo. It appears to be an undocumented addition (the man-pages were not updated). I *suspect* that it just tells the agent to honour whatever pre-existing value of $SSH_AUTH_SOCK it inherits and to try to listen to that. I don't know for sure. Does anyone have details on what exactly it does,

On Fri, Sep 18, 2015 at 7:07 PM, Peter Stuge <peter at stuge.se> wrote: > Fabiano Fid?ncio wrote: >> A few possible solutions for this would involve a way to support more >> than one agent, talking to both (the local one and the spice one), >> merging then their responses and returning it to any application who >> sent the request. Note that would be really nice if

Hi, I know this might be the most asked question, so I've done anything possible to troubleshoot the problem myself, but still, my SSH Agent Forwarding is not working for me. The best troubleshooting guide that I found, and also the one I've been using, is the ssh forwarding guide on github - https://help.github.com/articles/using-ssh-agent-forwarding I've checked all things there,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all, bear with me, I know the SUBJECT sounds pretty unclear. I'll clarify in a minute. And please excuse that due to the keywords being unclear no usable help was found on google & Co... Assume there is a workstation, which connects to multiple machines, one of which is considered potentially unsafe. So, it would be nice to have agent

Hi I have written a small introduction to newbies in Danish on ssh and friends. Now some people are questioning my advice and I think they have a point. I am advocating people to use DSA-keys and a config file with this: Protocol 2 ForwardAgent yes ForwardX11 yes Compression yes CompressionLevel 9 and running ssh-agent and ssh-add, and then loggin in without giving keys. One

Howdy! I've been working on a prototype that allows to do ssh-agent forward between a guest, using SPICE, and a spice client (remote-viewer/virt-viewer/spicy) The whole idea is to have something similar to "ssh -A guest", but integrated with the desktop environment. As a proof of concept I wrote a standalone ssh-agent that _unlink_ the current running agent in the guest machine and

https://bugzilla.mindrot.org/show_bug.cgi?id=3572 Bug ID: 3572 Summary: ssh-agent refused operation when using FIDO2 with -O verify-required Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Linux Status: NEW Severity: minor Priority: P5 Component: