Confusion using "ssh-add -D" and then "ssh-add -l"
Chris Green
cl at isbd.net
Fri Oct 18 22:50:27 AEDT 2024
On Fri, Oct 18, 2024 at 11:38:37AM +0100, Chris Green wrote:
> I'm confused by the following:-
>
> rcfg at q957$ ssh-add -l
> 256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris at q957 (ED25519)
> 256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris at q957 (ED25519)
> 3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris at t470 (RSA)
> 256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris at q957 (ED25519)
> 3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris at t470 (RSA)
> 256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris at q957 (ED25519)
> rcfg at q957$ ssh-add -D
> All identities removed.
> rcfg at q957$ ssh-add -l
> 256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris at q957 (ED25519)
> 3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris at t470 (RSA)
> 256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris at q957 (ED25519)
> 256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris at q957 (ED25519)
> 3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris at t470 (RSA)
> 256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris at q957 (ED25519)
> rcfg at q957$
>
> What's going on here? I was expecting all the entries to disappear,
> but they don't.
>
> I checked when reverting to my default 'chris' login with
> $HOME=/home/chris but it's exactly the same:-
>
> chris$ ssh-add -l
> 256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris at q957 (ED25519)
> 3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris at t470 (RSA)
> 256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris at q957 (ED25519)
> 256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris at q957 (ED25519)
> 3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris at t470 (RSA)
> 256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris at q957 (ED25519)
> chris$ ssh-add -D
> All identities removed.
> chris$ ssh-add -l
> 256 SHA256:4XDYbepg8zK43pofpQ8IGxMAXkej298a0XZHWjJTIQQ chris at q957 (ED25519)
> 3072 SHA256:yeQw8xe9rrxHKLqICoXNwReZKKV9HI1UeTCf95QywXM chris at t470 (RSA)
> 256 SHA256:dluRgJeTqJ32jKxRrSdjr/cibbIOZQeq8Inlna3+Sdw chris at q957 (ED25519)
> 256 SHA256:gl9l9m/xnYpL9P7WkL60L+FcJ0+r2c5Ci770p9VEC08 chris at q957 (ED25519)
> 3072 SHA256:dJws+ny7+uWMo2hwFl6yNGE5vFsW1ZKiO0EXwTIfNPc chris at t470 (RSA)
> 256 SHA256:BxqEiksrCXPxKvQyBXqOqw1WKda110lYiC00Z+fKP4A chris at q957 (ED25519)
> chris$
>
> I guess I'm misunderstanding something but I don't see what at the moment.
>
>
Probably related to the same problem:-
chris$ ssh-add /home/chris/.share/rcfg/.ssh/rcfgKey
Enter passphrase for /home/chris/.share/rcfg/.ssh/rcfgKey:
Identity added: /home/chris/.share/rcfg/.ssh/rcfgKey (root at q957)
chris$ ssh -i /home/chris/.share/rcfg/.ssh/rcfgKey root at backup
Enter passphrase for key '/home/chris/.share/rcfg/.ssh/rcfgKey':
root at backup:~#
Hmm, I think there's something funny going on with the ssh-agent
socket:-
chris$ ps -fe | grep ssh-agent
chris 2463 1530 0 12:33 ? 00:00:00 /usr/bin/ssh-agent -D -a /run/user/1000/keyring/.ssh
but:-
chris$ env | grep SSH
SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
So SSH_AUTH_SOCK doesn't appear to be the socket that ssh-agent thinks
it should be.
This is on a fairly standard/default xubuntu 24.04 installation, I've
not played about with the agent stuff (or at least I don't think I
have).
Both the sockets exist:-
chris$ ls -al /run/user/1000/keyring/
total 0
drwx------ 2 chris chris 120 Oct 18 12:33 .
drwx------ 13 chris chris 420 Oct 18 12:32 ..
srw------- 1 chris chris 0 Oct 18 12:33 .ssh
srw-rw-rw- 1 chris chris 0 Oct 18 12:32 control
srwxrwxr-x 1 chris chris 0 Oct 18 12:32 pkcs11
srwxrwxr-x 1 chris chris 0 Oct 18 12:32 ssh
Can anyone suggest what might be awry?
--
Chris Green
More information about the openssh-unix-dev
mailing list