SSH key signing failed

scenario: When Using SSH key to verify identity
error reported:

sign_and_send_pubkey: signing failed: agent refused operation

Environment: Debian 9.7 (Stretch)
Solution:

1) Confirm the problem

Add “SSH_AUTH_SOCK=0” before the SSH command：

SSH_AUTH_SOCK=0 ssh <username>@<server>

If you can log in normally, the variable SSH is displayed_AUTH_Output when sock content:

echo $SSH_AUTH_SOCK
/run/user/1000/keyring/ssh

Then we can determine that the key signature failure is caused by the SSH agent with Gnome keying Gnome keying SSH agent does not always handle SSH keys in all formats correctly. However, it tries to process all SSH keys, resulting in an error（ The typical one doesn’t have diamond and has to do this porcelain work)

If you still cannot log in normally, it means that SSH agent does not exist or exists but the key is not found. You can refer to here and solve it with a few commands

 

2) problem solving

As mentioned earlier, if SSH is added before the SSH command_AUTH_You can log in normally after sock = 0 , which means that the Gnome keying SSH agent is trying to process the SSH key encoding method that it may not be able to handle. There are two solutions: disable the Gnome keying SSH agent self startup, or use SSH keygen to regenerate and upload the public-private key pair generated by the coding method that Gnome keying SSH agent can handle

The second method is mentioned in this blog post. The advantage of this method is that it does not need to change the local system settings. The disadvantage is that it needs to update the public keys of all servers. For those who upload the public keys to multiple services (such as GitHub, gitlab, digitalocean, etc.), it needs to do a lot of repetitive operations, which is troublesome

The first method will change the system settings, but it is only a minimum change (only disable SSH agent startup under Gnome keying ), almost does not affect the system functions. Therefore, Gnome keying SSH agent can be completely replaced by SSH agent of openssh
the specific methods are as follows:

 

Open the search bar, search for startup applications applications and run them (if they are not installed, they will be prompted for installation)

In the pop-up window, find SSH key agent Gnome keying: SSH agent , and turn off auto start

Restart the system

Similar Posts:

• Git Add The Public Key sign_and_send_pubkey: signing failed: agent refused operation
• .Net Core 5.0 Upload File sizes is limited via Swagger Api: error: request entity too large
• The VMware authorization service is not running
• Android system/app/ VS system/priv-app/
• Solution to the problem of “Gnome keying is lock” in idea SVN update
• An error was reported when Java connected to SQL server. Sqljdbc could not be found_ auth.dll
• [Solved] activemq Startup Error: Address already in use: JVM_Bind
• Su command error Su: permission denied [How to Solve]
• Axios gets the upload progress error: xhr.upload.addEventListener is not a function
• Pytest @pytest.mark.parametrize Example