Re: Confusion using "ssh-add -D" and then "ssh-add -l"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, Oct 18, 2024 at 11:38:37AM +0100, Chris Green wrote:
> I'm confused by the following:-
> 
>     rcfg@q957$  ssh-add -l
>     256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris@q957 (ED25519)
>     256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris@q957 (ED25519)
>     3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris@t470 (RSA)
>     256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris@q957 (ED25519)
>     3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris@t470 (RSA)
>     256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris@q957 (ED25519)
>     rcfg@q957$ ssh-add -D
>     All identities removed.
>     rcfg@q957$ ssh-add -l
>     256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris@q957 (ED25519)
>     3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris@t470 (RSA)
>     256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris@q957 (ED25519)
>     256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris@q957 (ED25519)
>     3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris@t470 (RSA)
>     256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris@q957 (ED25519)
>     rcfg@q957$ 
> 
> What's going on here?  I was expecting all the entries to disappear,
> but they don't.
> 
> I checked when reverting to my default 'chris' login with
> $HOME=/home/chris but it's exactly the same:-
> 
>     chris$ ssh-add -l
>     256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris@q957 (ED25519)
>     3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris@t470 (RSA)
>     256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris@q957 (ED25519)
>     256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris@q957 (ED25519)
>     3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris@t470 (RSA)
>     256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris@q957 (ED25519)
>     chris$ ssh-add -D
>     All identities removed.
>     chris$ ssh-add -l
>     256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris@q957 (ED25519)
>     3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris@t470 (RSA)
>     256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris@q957 (ED25519)
>     256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris@q957 (ED25519)
>     3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris@t470 (RSA)
>     256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris@q957 (ED25519)
>     chris$ 
> 
> I guess I'm misunderstanding something but I don't see what at the moment.
> 
> 
Probably related to the same problem:-

    chris$ ssh-add /home/chris/.share/rcfg/.ssh/rcfgKey
    Enter passphrase for /home/chris/.share/rcfg/.ssh/rcfgKey: 
    Identity added: /home/chris/.share/rcfg/.ssh/rcfgKey (root@q957)
    chris$ ssh -i /home/chris/.share/rcfg/.ssh/rcfgKey root@backup
    Enter passphrase for key '/home/chris/.share/rcfg/.ssh/rcfgKey': 
    root@backup:~# 


Hmm, I think there's something funny going on with the ssh-agent
socket:-

    chris$ ps -fe | grep ssh-agent
    chris       2463    1530  0 12:33 ?        00:00:00 /usr/bin/ssh-agent -D -a /run/user/1000/keyring/.ssh

but:-

    chris$ env | grep SSH
    SSH_AUTH_SOCK=/run/user/1000/keyring/ssh

So SSH_AUTH_SOCK doesn't appear to be the socket that ssh-agent thinks
it should be.

This is on a fairly standard/default xubuntu 24.04 installation, I've
not played about with the agent stuff (or at least I don't think I
have).

Both the sockets exist:-

    chris$ ls -al /run/user/1000/keyring/
    total 0
    drwx------  2 chris chris 120 Oct 18 12:33 .
    drwx------ 13 chris chris 420 Oct 18 12:32 ..
    srw-------  1 chris chris   0 Oct 18 12:33 .ssh
    srw-rw-rw-  1 chris chris   0 Oct 18 12:32 control
    srwxrwxr-x  1 chris chris   0 Oct 18 12:32 pkcs11
    srwxrwxr-x  1 chris chris   0 Oct 18 12:32 ssh

Can anyone suggest what might be awry?


-- 
Chris Green
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux