** Description changed: Today I wanted to upgrade the security of my SSH keys to use PBKDF. After struggling with ssh-agent I realised that either Gnome Keyring was unable to handle the new ssh key or it was a problem with ssh-agent. After troubleshooting historic bugs with ssh-agent I was unable to make it work. It always returned the error "Agent admitted failure to sign using the key on big endian machines" The problem seems to be that Gnome Keyring is unable to handle the complex newly encoded passphrase. Steps to reproduce: 1. Create a SSH key with PBKDF ssh-keygen -b 4096 -o -a 500 2. Either overwrite or create new keys with default identity id_rsa 3. Protect it with a strong password (256-But Hex Key) 4. Delete previous keys stored by ssh-agent ssh-add -D (for manual entries) ssh-add -d (for automatic entries) 5. Reset ssh-agent to be extra confident that ssh-agent is not storing anything in memory killall ssh-agent; eval `ssh-agent` 6. Add the new key ssh-add + 7. You may get an error when trying to use keys to ssh a server saying + "Agent admitted failure to sign using the key on big endian machines" - 7. You may get an error when trying to use keys to ssh a server saying "Agent admitted failure to sign using the key on big endian machines" + Disabling ssh-agent means that I'm able to input password in console and + use my private key. I can then log in to my server OK. So I don't think + there are problems with the generation of keys either About my machine: Ubuntu 15.04
-- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1464296 Title: Ubuntu unable to handle ssh keys with PBKDF To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1464296/+subscriptions -- desktop-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
