ssh-agent does not accept all forwarded RSA keys on later versions.

Jakub Jelen jjelen at
Mon Aug 10 16:55:15 AEST 2020

On Fri, 2020-08-07 at 11:54 -0600, Matt Schepers wrote:
> Hello,
> I've got a problem with newer versions of ssh-agent not accepting all
> keys
> being forwarded to them.
> Example:
> ssh-add -l
> 4096 SHA256:HFSzrozPapudofYJi8QvXQdA1/vNpFc2iPWH8CGVsEg (none) (RSA)
> 2048 SHA256:lbjpmHAYtUO+zaLaKvWVxGNYkXRkOumcoOpLdRSVX/U
> /home/matt/.ssh/id_rsa_embedded (RSA)
> ssh -V
> OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017

What is the ssh-agent you are running on this machine? Is it stock ssh-
agent, gnome-keyring or some other implementation? You should get the
idea from the SSH_AUTH_SOCK environment variable.

Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.

More information about the openssh-unix-dev mailing list