Discussion:
Problem with gpg-agent and yubikey since openssh v6.8p1
(too old to reply)
t***@otpme.org
2015-11-24 16:21:45 UTC
Permalink
Hi,

i'm unsure if the problem we encounter is a bug in openssh or in gnupg.
But as everything was working with openssh 6.7p1 and earlier i guess
that there where at least some changes in openssh that leads to the
problem.

You can read the latest discussion about the problem here:

https://www.mail-archive.com/gnupg-users%40gnupg.org/msg29421.html
https://www.mail-archive.com/gnupg-***@gnupg.org/msg28416.html

I hope to get some help on this list as its an very annoying problem and
using an old openssh version is just a bad workaround.

If you need any more information or help debugging i'm glad to help.

regards
the2nd
Damien Miller
2015-11-29 11:14:32 UTC
Permalink
Hi,
i'm unsure if the problem we encounter is a bug in openssh or in gnupg. But as
everything was working with openssh 6.7p1 and earlier i guess that there where
at least some changes in openssh that leads to the problem.
https://www.mail-archive.com/gnupg-users%40gnupg.org/msg29421.html
I hope to get some help on this list as its an very annoying problem and using
an old openssh version is just a bad workaround.
If you need any more information or help debugging i'm glad to help.
At the very least, we'd need the output of "ssh -vvv ***@host" for a
failing attempt.

-d
t***@otpme.org
2015-11-30 14:52:43 UTC
Permalink
Hi Damien,

thanks for you answer.

Here is the output of ssh -vvv for both versions:

http://paste.ubuntu.com/13576087/
http://paste.ubuntu.com/13576243/

If you need any more info let me know.

Regards
the2nd
Post by Damien Miller
Post by t***@otpme.org
Hi,
i'm unsure if the problem we encounter is a bug in openssh or in
gnupg. But as
everything was working with openssh 6.7p1 and earlier i guess that
there where
at least some changes in openssh that leads to the problem.
https://www.mail-archive.com/gnupg-users%40gnupg.org/msg29421.html
I hope to get some help on this list as its an very annoying problem
and using
an old openssh version is just a bad workaround.
If you need any more information or help debugging i'm glad to help.
failing attempt.
-d
Damien Miller
2015-11-30 22:42:20 UTC
Permalink
Post by t***@otpme.org
Hi Damien,
thanks for you answer.
http://paste.ubuntu.com/13576087/
http://paste.ubuntu.com/13576243/
In http://paste.ubuntu.com/13576087/ the key no longer appears in the
agent after the token is removed and re-inserted.

If you aren't using OpenSSH's ssh-agent then you should ask whomever
wrote your agent.

-d
t***@otpme.org
2015-11-30 23:13:20 UTC
Permalink
Like written in my initial mail the agent is from gnupg. The reason why
i was asking on this list is that the problem is reproducible with any
openssh version newer than 6.7p1. So it seems like anything changed in
openssh 6.8p1 that leads to this problem. I've also asked on the gnupg
list (see the links in my first mail) and there are others that
experience this issue but i got no answer from the devs yet. I'll try it
again on the gnupg list if you cannot help. i just thought that there
might be a chance that there where some changes in openssh between the
two versions and someone on this list can help or at least can give any
hint in the right direction.

regards
the2nd
Post by Damien Miller
Post by t***@otpme.org
Hi Damien,
thanks for you answer.
http://paste.ubuntu.com/13576087/
http://paste.ubuntu.com/13576243/
In http://paste.ubuntu.com/13576087/ the key no longer appears in the
agent after the token is removed and re-inserted.
If you aren't using OpenSSH's ssh-agent then you should ask whomever
wrote your agent.
-d
Loading...