Hi, I tried the same on Bionic/Cosmic/Disco (a VM each running the same commands) 1. created an ssh key (ssh-keygen) 2. added it to authorized key (cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys) 3. added it with ssh-add (ssh-add) 4. verified it was added (ssh-add -l) 5. logged to local IP via ssh using the key (ssh [email protected] uname -a) (working) 6. removed the key (ssh-add -d) 7. added the key in confirm mode (ssh-add -c) 8. logged to local IP via ssh using the key (ssh [email protected] uname -a) Got the confirmation prompt
I only got the "sign_and_send_pubkey: signing failed: agent refused operation" if in the prompt that asked me if I should use the key I hit "cancel". That seems reasonable thou. Is the following sequence failing for you? If so would you report the full output for that sequence of commands that you get? Note: I used a clean VM with ssh -XY to allow the popup to come through to my host. sudo apt-get install ssh-askpass-gnome eval `ssh-agent -s` ssh-keygen cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys ssh-add ssh-add -l ssh [email protected] uname -a ssh-add -d ssh-add -c ssh-add -l ssh [email protected] uname -a # pupup should appear -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1812247 Title: ssh-agent fails for ssh-add -c: agent refused operation Status in openssh package in Ubuntu: New Bug description: Ubuntu uses ssh-agent from OpenSSH which supports adding keys by means of `ssh-add -c` indicating that keys "should be subject to confirmation before being used for authentication. In Ubuntu 18.10 this fails with the error sign_and_send_pubkey: signing failed: agent refused operation To reproduce I used a Ubuntu 18.10 Live "CD", apt-get update && apt- get upgrade, log out and log back in (these steps are not required but we want to use an up-to-date system). Then: $ sudo apt-get install ssh-askpass-gnome (...) $ # verify that ssh-askpass shows a popup, confirm with Enter $ ssh-askpass ; echo $? 0 $ ssh-keygen (...) $ ssh-add -D All identities removed. $ ssh-copy-id $sshuser@$sshserver (...) Number of key(s) added: 1 (...) $ ssh $sshuser@$sshserver uname -a Linux server 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64 GNU/Linux $ ssh-add -d Identity removed: /home/ubuntu/.ssh/id_rsa (ubuntu@ubuntu) $ ssh-add -c Enter passphrase for /home/ubuntu/.ssh/id_rsa (will confirm each use): Identity added: /home/ubuntu/.ssh/id_rsa (/home/ubuntu/.ssh/id_rsa) The user must confirm each use of the key $ ssh $sshuser@$sshserver uname -a sign_and_send_pubkey: signing failed: agent refused operation sshuser@server's password: [^C'ed] $ ssh-add -l 2048 SHA256:yvAFsTpkNWnlrQyCp+tWV83dIF8Je3AksM0o+Ajvyyc /home/ubuntu/.ssh/id_rsa (RSA) So, our key is loaded, ssh-askpass is working (also confirmed with `ssh-add -c </dev/null`), but authentication fails with "sign_and_send_pubkey: signing failed: agent refused operation". ProblemType: Bug DistroRelease: Ubuntu 18.10 Package: gnome-session-bin 3.30.0-0ubuntu4 ProcVersionSignature: Ubuntu 4.18.0-10.11-generic 4.18.12 Uname: Linux 4.18.0-10-generic x86_64 ApportVersion: 2.20.10-0ubuntu13.1 Architecture: amd64 CasperVersion: 1.399 CurrentDesktop: ubuntu:GNOME Date: Thu Jan 17 17:14:35 2019 ExecutablePath: /usr/lib/gnome-session/gnome-session-binary LiveMediaBuild: Ubuntu 18.10 "Cosmic Cuttlefish" - Release amd64 (20181017.3) ProcEnviron: PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: gnome-session UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1812247/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
