Problem with 20050215 snapshot and ssh-agent forwarding

David Rothenberger daveroth@acm.org
Fri Feb 18 23:13:00 GMT 2005 

On 2/17/2005 10:02 PM, Christopher Faylor wrote:
> On Wed, Feb 16, 2005 at 11:23:03AM -0800, David Rothenberger wrote:
> 
>>I'm having a problem with the 20050215 snapshot (and the 20050131 as
>>well). My ssh-agent connection is not being forwarded by ssh. This is
>>working fine with the 20041119 snapshot.
>>
>>Here are the steps to reproduce the problem. I've got ssh and sshd
>>correctly configured to forward ssh-agent connections. The second ssh
>>command should not prompt to the public key passphrase.
>>
>>% keychain ~/.ssh/id_dsa
>>
>>KeyChain 2.0.3; http://www.gentoo.org/projects/keychain
>>Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL
>>* All previously running ssh-agent(s) have been stopped.
>>* Initializing /home/drothe/.keychain/tela-sh file...
>>* Initializing /home/drothe/.keychain/tela-csh file...
>>* Starting new ssh-agent
>>* 1 more keys to add...
>>Enter passphrase for /home/drothe/.ssh/id_dsa:
>>Identity added: /home/drothe/.ssh/id_dsa (/home/drothe/.ssh/id_dsa)
>>
>>% . ~/.keychain/tela-sh
>>% ssh `hostname`
>>% ssh `hostname`
>>Enter passphrase for key '/home/drothe/.ssh/id_dsa':
> 
> 
> I tried this on four different computers and was unable to duplicate
> the problem.  I also asked Corinna to try it out and she was unable
> to duplicate it either.
> 
> I assume that ssh-agent is disappearing after the first ssh connection
> attempt.  Can you use "strace -ofoo -p <pid>" to attach to the ssh-agent
> prior to the first ssh `hostname` and send the output here?

The ssh-agent process is not dying.

I should have mentioned that I have the following in my ~/.profile:

if [ -z "$SSH_AUTH_SOCK" ]; then
   keychain --quiet --noask ~/.ssh/id_dsa
   . ~/.keychain/${HOSTNAME}-sh
fi

So, after the first ssh `hostname`, I have SSH_AUTH_SOCK defined in my 
environment but not SSH_AGENT_PID. If I source the .keychain file to 
define SSH_AGENT_PID, the second ssh `hostname` succeeds.

I've attached the strace output as you requested.

-- 
David Rothenberger                spammer? -> spam@daveroth.dyndns.org
GPG/PGP: 0x7F67E734, C233 365A 25EF 2C5F C8E1 43DF B44F BA26 7F67 E734

Q:	How many bureaucrats does it take to screw in a light bulb?
A:	Two.  One to assure everyone that everything possible is being
	done while the other screws the bulb into the water faucet.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: strace.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20050218/c09e8110/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list