Package: openssh-client
Version: 1:5.1p1-5
Severity: important
Recently, the ssh-agent instance started by xsession (as
part of a GNOME desktop login) cannot use my public key,
nor a newly generated passwordless RSA key.
After adding a new user, logging into a fresh desktop
session (no existing $HOME cruft), generating a new RSA key
with ssh-keygen -t rsa, no passphrase, and using ssh-add to
inject it into the agent, the following occurs
test@ra:~$ ssh njd33@aldred.ncl.ac.uk
Agent admitted failure to sign using the key.
njd33@aldred.ncl.ac.uk's password:
With my normal user and key, I don't get that failure
message.
-vvv output attached to report as 'attempt2'.
Strangely, both with this test environment and with my own
setup and key, if I do eval `ssh-agent`;ssh-add , all works
as expected, so it appears to be something to do with the
way in which ssh-agent is invoked by xsession (defined in
/etc/X11/Xsession.d/90x11-common_ssh-agent from package
x11-common it would seem) rather than ssh-agent itself.
The ssh-agent started by xsession is
/usr/bin/ssh-agent /usr/bin/gpg-agent --daemon --sh
--write-env-file=/home/jon/.gnupg/gpg-agent-info-ra
/usr/bin/dbus-launch --exit-with-session
x-session-manager
This is rather crippling my day to day work :(
Any hints on where to look further would be much
appreciated.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-client depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0 1.5.26 Debian configuration management sy
ii dpkg 1.14.25 Debian package management system
ii libc6 2.9-7 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description library
ii libedit2 2.11~20080614-1 BSD editline and history libraries
ii libkrb53 1.6.dfsg.4~beta1-13 Transitional library package/krb4
ii libncurses5 5.7+20090404-1 shared libraries for terminal hand
ii libssl0.9.8 0.9.8g-16 SSL shared libraries
ii passwd 1:4.1.1-6 change and administer password and
ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime
Versions of packages openssh-client recommends:
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op
ii xauth 1:1.0.3-2 X authentication utility
Versions of packages openssh-client suggests:
pn keychain <none> (no description available)
pn libpam-ssh <none> (no description available)
pn ssh-askpass <none> (no description available)
-- no debconf information
--
Jon Dowland ISS UNIX Team Newcastle University
Attachment:
signature.asc
Description: Digital signature