OpenSSH public key authentication does not work from Windows client if private key was added to SSH agent

[Damien Miller]

On Wed, 19 Jun 2019, Steinforth, Patrick wrote:

> Hey guys,
> 
> I installed OpenSSH 7.9p1 on Windows Server 2016 and generated a SSH key pair with ssh-keygen on my Windows 10 Client (OpenSSH 7.6p1). I can connect to the server with "ssh user at domain@servername -i id_rsa". But as soon as I add the private key to the SSH agent by "ssh-add id_rsa" this does not work anymore and aborts with the message "Permission denied (publickey,keyboard-interactive)". The ssh command without "-i id_rsa" leads to the same error. As soon as I remove the private key from the ssh agent, public key authentication works again like a charm.
> If I add the public key on my Ubuntu Server 18.04 LTS to the SSH agent and establish a connection, this works without any problems. SSH client version on Ubuntu is also OpenSSH 7.6p1.
> I noticed further, if I add my key id_rsa to the SSH agent on Windows and copy the key file to id_rsa_new the connection can be established by "ssh user at domain@servername -i id_rsa_new" without any problems, but not with "-i id_rsa".
> I think this is strange and not the expected behavior. Any ideas what's wrong?

Could you send the output of ssh with debugging enabled for both a working
and failing connection? I.e. "ssh -vvv host"

It should show what is going on.

-d