similar to: [Bug 448] ssh ignores key specified with -i if agent is running

http://bugzilla.mindrot.org/show_bug.cgi?id=448 ------- Additional Comments From markus at openbsd.org 2003-05-13 04:23 ------- for pubkey authentication try the user keys in the following order: 1. agent keys that are found in the config file 2. other agent keys 3. keys that are only listed in the config file ------- You are receiving this mail because: ------- You are the assignee for

http://bugzilla.mindrot.org/show_bug.cgi?id=448 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2004-03-30 16:12

http://bugzilla.mindrot.org/show_bug.cgi?id=448 Summary: ssh ignores key specified with -i if agent is running Product: Portable OpenSSH Version: older versions Platform: All OS/Version: Linux Status: NEW Severity: trivial Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=448 ------- Additional Comments From ssh-bugzilla at andrew.pimlott.net 2003-02-12 01:57 ------- I'm not sure how you mean that turning off the agent might break things, but it is obviously wrong for -i to be ignored. Why can't you simply try keys specified with -i before trying the agent? You may need to lists of keys rather than one:

http://bugzilla.mindrot.org/show_bug.cgi?id=410 ------- Additional Comments From markus at openbsd.org 2002-10-04 17:34 ------- it's not documented that -i or IdentityFile overwrite the agent and it's to late to even consider this change. if you don't want to use the agent, unset SSH_AUTH_SOCK ------- You are receiving this mail because: ------- You are the assignee for the

http://bugzilla.mindrot.org/show_bug.cgi?id=500 Summary: show how to start-up ssh-agent by default... Product: Portable OpenSSH Version: 3.5p1 Platform: All URL: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component:

Damien Miller wrote: > On Thu, 2 Feb 2017, Adam Eijdenberg wrote: > >> On Thu, Feb 2, 2017 at 10:42 AM Damien Miller <djm at mindrot.org> wrote: >>> On Thu, 2 Feb 2017, Adam Eijdenberg wrote: >>>> I guess a case could be made for ssh-add to always set a timeout when >>>> adding a certificate with an expiry time, but I think for now I'm

I use IMAP over SSH, in pre-auth. I wanted to use dsync to offline mail to my laptop. dsync v2.1.10 would always ask for my SSH key/passphrase, ignoring ssh-agent. The culprit is the env_clean() in the stack below. Reading the source, I saw DOVECOT_PRESERVE_ENVS. When used as follows in my script it enables dsync to find my ssh-agent: export DOVECOT_PRESERVE_ENVS="SSH_AGENT_PID

http://bugzilla.mindrot.org/show_bug.cgi?id=500 ------- Additional Comments From djm at mindrot.org 2003-02-24 12:43 ------- I think that: [ -z "$SSH_AUTH_SOCK" ] && eval `ssh-agent -s` [ -z "$SSH_AGENT_PID" ] || ssh-add -l >/dev/null 2>&1 || ssh-add Is as effective and a lot more concise. On the other hand, fragile heuristics like: > export

Hi all, Thanks for all your hard work! I was particularly excited to see FIDO/U2F support in the latest release. I'd like to make the following bug report in ssh-agent's PKCS#11 support: Steps to reproduce: 1. Configure a smart card (e.g. Yubikey in PIV mode) as an SSH key. 2. Add that key to ssh-agent. 3. Remove that key from ssh-agent. 4. Add that key to ssh-agent. Expected results:

On Sat, 2020-02-22 at 10:50 -0600, Douglas E Engert wrote: > As a side note, OpenSC is looking at issues with using tokens vs > separate > readers and smart cards. The code paths in PKCS#11 differ. Removing a > card > from a reader leaves the pkcs#11 slot still available. Removing a > token (Yubikey) > removes both the reader and and its builtin smart card. Firefox has a >

https://bugzilla.mindrot.org/show_bug.cgi?id=2066 Bug ID: 2066 Summary: ssh tries the keys proposed by the agent before those passed with -i Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Hardware: All OS: Linux Status: NEW Severity: normal

http://bugzilla.mindrot.org/show_bug.cgi?id=199 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From markus at openbsd.org 2002-04-02

Hi :-) we use ssh-agent, on exit it hangs # ^D unset SSH_AUTH_SOCK; unset SSH_AGENT_PID; echo Agent pid 15151 killed; :-( under OpenSSH_3.6.1p2 we have no problems with the agent. Frank client putty OS Solaris8 _______________________________________________________ WEB.DE Video-Mail - Sagen Sie mehr mit bewegten Bildern Informationen unter: http://freemail.web.de/?mc=021199

http://bugzilla.mindrot.org/show_bug.cgi?id=480 ------- Additional Comments From markus at openbsd.org 2003-02-02 00:11 ------- this does not belong to the -L or -l option ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=414 ------- Additional Comments From markus at openbsd.org 2002-11-06 07:01 ------- Created an attachment (id=164) --> (http://bugzilla.mindrot.org/attachment.cgi?id=164&action=view) proposed patch what about this? (more in line with the rest of the code). ------- You are receiving this mail because: ------- You are the assignee for the

> > There must be *something* in the environment that affects this because > I'm seeing two different ways of asking for the passphrase on the same > screen. The only difference is that one is a simple terminal window > running on my system and the other is one where I have used ssh to > connect to a remote system and then ssh again back to the 'home' > system.

On 2024/01/02 09:51, Chris Green wrote: > I think I have it! I need to unset SSH_AUTH_SOCK, that's all that's > needed. See:- > > chris$ ssh -i backup_id_rsa backup > [here the pop-up appears and I cancel it] > sign_and_send_pubkey: signing failed for RSA "backup_id_rsa" from > agent: agent refused operation > chris at backup's

Folks, MacOSX 10.6.x (Snow Leopard) runs { ssh-agent -l }; that's not an s/ssh-add/ssh-agent/ typo. It appears to be an undocumented addition (the man-pages were not updated). I *suspect* that it just tells the agent to honour whatever pre-existing value of $SSH_AUTH_SOCK it inherits and to try to listen to that. I don't know for sure. Does anyone have details on what exactly it does,

Hi all, i'm trying to figure out if i'm being silly or if there is a genuine problem. Running on the notorious Redhat 7, 2.2.16-22 #1, X86. [user at host]$ ssh-agent -s SSH_AUTH_SOCK=/tmp/ssh-XXYFcFR6/agent.2101; export SSH_AUTH_SOCK; SSH_AGENT_PID=2102; export SSH_AGENT_PID; echo Agent pid 2102; [user at host]$ echo $SSH_AUTH_SOCK [user at host]$ echo $SSH_AGENT_PID [user at host]$