[Bug 201786] Re: ssh Agent admitted failure to sign using the key on big endian machines

Andreas Hasenack andreas at canonical.com
Thu Nov 29 19:18:44 UTC 2018 

According to
https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/1420522 it's
fixed in seahorse 3.30, which is present in ubuntu cosmic and later.

>From https://bugzilla.redhat.com/show_bug.cgi?id=1435924, this should reproduce the problem:
1. Generate a ssh key using the keytype ed25519 and enter a password when creating the key:
$ ssh-keygen -t ed25519
2. Log out from your computer and log in again
3. Start a ssh session to a remote host:
$ ssh user at domain.tld

I tried that with bionic, which has seahorse 3.20.0

Comment #88 hints that trusty is affected and also broke, can someone
confirm that please? trusty has seahorse 3.10.2-0ubuntu1

Releases older than trusty are EOL by now.

** Bug watch added: Red Hat Bugzilla #1435924
   https://bugzilla.redhat.com/show_bug.cgi?id=1435924

** Changed in: openssh (Ubuntu)
       Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/201786

Title:
  ssh Agent admitted failure to sign using the key on big endian
  machines

Status in seahorse:
  Fix Released
Status in gnome-keyring package in Ubuntu:
  Fix Released
Status in openssh package in Ubuntu:
  Incomplete

Bug description:
  on hardy (preserved home folder from feisty) i get the following when
  i try to ssh

  Agent admitted failure to sign using the key.
  Permission denied (publickey).

  or with verbose on

  sam at titania:~$ ssh -v oberon
  OpenSSH_4.7p1 Debian-4ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
  debug1: Reading configuration data /home/sam/.ssh/config
  debug1: Applying options for oberon
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Applying options for *
  debug1: Connecting to ###### [######] port ##.
  debug1: Connection established.
  debug1: identity file /home/sam/.ssh/identity type -1
  debug1: identity file /home/sam/.ssh/id_rsa type 1
  debug1: identity file /home/sam/.ssh/id_dsa type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6p1 Debian-5ubuntu0.1
  debug1: match: OpenSSH_4.6p1 Debian-5ubuntu0.1 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-4ubuntu1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-cbc hmac-md5 none
  debug1: kex: client->server aes128-cbc hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: using hostkeyalias: oberon
  debug1: Host 'oberon' is known and matches the RSA host key.
  debug1: Found key in /home/sam/.ssh/known_hosts:1
  debug1: ssh_rsa_verify: signature correct
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering public key: /home/sam/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 277
  Agent admitted failure to sign using the key.
  debug1: Trying private key: /home/sam/.ssh/identity
  debug1: Trying private key: /home/sam/.ssh/id_dsa
  debug1: No more authentication methods to try.
  Permission denied (publickey).

  I tried generating a new key. this worked for a few logons, but then i
  get back to this error.

  I think it is to do with the local key agent. i found that
   SSH_AUTH_SOCK=0 ssh oberon
  works fine.

To manage notifications about this bug go to:
https://bugs.launchpad.net/seahorse/+bug/201786/+subscriptions

More information about the foundations-bugs mailing list