On Sunday, 30 November 2025 12:15:28 GMT Jay Kayes via Gnupg-users wrote: > The error I get on connection: > ssh jay@testserver > sign_and_send_pubkey: signing failed for ED25519 > "cardno:0000_12345678" from agent: agent refused operation
Looks like the same problem I once had with 2.4.x (and still have on another machine that is still running 2.4.x). If so, a workaround is to add the following option to your ~/.ssh/config file: PubkeyAuthentication unbound (It can be set either globally, or in the section for the host(s) where SSH host certificates are used.) My understanding (which may or may not be correct) is that the host-bound authentication protocol extension (which the option above will disable) is only useful when agent forwarding is used; when not using agent forwarding, disabling this extension should not have any security impact. > I did not notice any relevant changes listed in the release notes, but > something has clearly been fixed in the 2.5 series. I think it might be the fix to https://dev.gnupg.org/T7436, which landed in 2.5.2. Best, - Damien
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
