Your message dated Tue, 18 Dec 2018 13:15:38 +0100
with message-id <f909c5d8-61fc-0ff0-ada7-33bba5208...@gmx.net>
and subject line Indeed a problem with the use of GnuPG
has caused the Debian Bug report #916713,
regarding openssh-client: ssh-add still shows and uses old ED25519 keys
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
916713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916713
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-client
Version: 1:7.9p1-4
Severity: important
Hey,
ssh-add remembers old keys that I am not using for weeks. They still
show up after reboot and after ssh-add -D.
There is a bug report about gnome-keyring which states that you can't
delete keys which are imported by i.e. gnome-keyring. Problem is that I
don't have gnome-keyring installed but maybe the keys are stored
somewhere else?
This bug is important because it keeps me from login in with ssh to
devices that disconnect after 3 connect attempts. I have to specify the
key to use manually.
The key is of course not in .ssh/id_ed25519 or in /etc/ssh/...
[hommesf@stark tmp]$ ssh-add -l
4096 SHA256:unV9TSgT3jDr3t5aq7C5QJLiGJRddMIYIFfpkx8V5kY cardno:000500004FDD
(RSA)
256 SHA256:33JVhwdL/E/NLhna6e4vZaj3nfjKVrfz3ss+jldSjD0 hommesf@stark (ED25519)
256 SHA256:mvQJDcAnfXfji5lq/+j2JJPH+8SbYTv3uYFL534Kx1w hommesf@stark (ED25519)
4096 SHA256:f2U9xc2Rc3L9yeIycx5LAfIbMRKNwSSUTzjCxMDGbN0
/home/hommesf/.ssh/id_rsa (RSA)
256 SHA256:L4VndWhOm1D4mJApONnyvtyGbqo2LmmjtHjnH55hsOw hommesf@stark (ED25519)
[hommesf@stark tmp]$ ssh-add -D
All identities removed.
[hommesf@stark tmp]$ ssh-add -d
Identity removed: /home/hommesf/.ssh/id_ed25519 (hommesf@stark)
[hommesf@stark tmp]$ ssh-add -l
4096 SHA256:unV9TSgT3jDr3t5aq7C5QJLiGJRddMIYIFfpkx8V5kY cardno:000500004FDD
(RSA)
256 SHA256:33JVhwdL/E/NLhna6e4vZaj3nfjKVrfz3ss+jldSjD0 hommesf@stark (ED25519)
256 SHA256:mvQJDcAnfXfji5lq/+j2JJPH+8SbYTv3uYFL534Kx1w hommesf@stark (ED25519)
4096 SHA256:f2U9xc2Rc3L9yeIycx5LAfIbMRKNwSSUTzjCxMDGbN0
/home/hommesf/.ssh/id_rsa (RSA)
256 SHA256:L4VndWhOm1D4mJApONnyvtyGbqo2LmmjtHjnH55hsOw hommesf@stark (ED25519)
[hommesf@stark ~]$ echo $SSH_AUTH_SOCK
/run/user/1000/gnupg/S.gpg-agent.ssh
I am trying to fix this for weeks but nothing is helping.
Greetings
Frank
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.18.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages openssh-client depends on:
ii adduser 3.118
ii dpkg 1.19.2
ii libc6 2.27-8
ii libedit2 3.1-20180525-1
ii libgssapi-krb5-2 1.16.1-1
ii libselinux1 2.8-1+b1
ii libssl1.1 1.1.1a-1
ii passwd 1:4.5-1.1
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages openssh-client recommends:
ii xauth 1:1.0.10-1
Versions of packages openssh-client suggests:
pn keychain <none>
pn libpam-ssh <none>
pn monkeysphere <none>
pn ssh-askpass <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Hey Timo,
thanks for your help!
You have been right. The keys had been stored in .gnupg/somedir/
After deleting them everything works as expected!
Specifing an identify file was no option since I am also using a nitrokey...
Grüße
Frank
--- End Message ---
