Red Hat Bugzilla – Bug 1353410
[ssh-copy-id] add "The agent has no identities." in remote ~/.ssh/authorized_keys
Last modified: 2017-03-21 06:02:34 EDT
+++ This bug was initially created as a clone of Bug #1012262 +++ Description of problem: In my RHEL5.10, virtual host; after ssh-copy-id, can not login without passwd; and find that it just add "The agent has no identities." in remote authorized_keys Version-Release number of selected component (if applicable): authorized_keys How reproducible: In my virtual host always; ( 10.66.13.194 root:redhat ) But In a beaker machine not reproduce. Steps to Reproduce: 1. ssh-copy-id $host 2. ssh $host 3. Actual results: can not login without passwd Expected results: login without passwd Additional info: if add -i option, it works fine; --- Additional comment from Petr Lautrbach on 2014-01-17 08:25:31 EST --- This Bugzilla has been reviewed by Red Hat and is not planned on being addressed in Red Hat Enterprise Linux 5, and therefore will be closed. If this bug is critical to production systems, please contact your Red Hat support representative and provide sufficient business justification. --- Additional comment from BugMasta on 2016-07-06 22:23:47 EDT --- Yeah thanks a lot. More great work. This bug is still present in RHEL6.8, July 2016. All you had to do was give an error message when the user runs ssh-copy-id, instead of misleading the user by apparently completing successfully. But you couldn't do that could you. You just ignored the issue. PATHETIC. IT IS THIS SORT OF LAZINESS WHICH MAKES USING RHEL AN UTTER NIGHTMARE. EVERY DAY I ENCOUNTER BUG AFTER BUG AFTER BUG, AND 9/10 OF THEM HAVE BEEN FOUND YEARS AGO, BUT STUPIDITY AND LAZINESS HAS PREVENTED A FIX.
Created attachment 1177214 [details] proposed (upstream) patch for RHEL6 Steps to reproduce: 1. Start ssh-agent and do not add any identity: $ eval `ssh-agent` 2. Try ssh-copy-id (make sure there is not passwordless access yet): $ ssh-copy-id localhost 3. Check authorized_keys: $ cat ~/.ssh/authorized_keys The agent has no identities. It is a bug, but quite late in the round since we entered in the Production Phase 2 with RHEL6. This works fine in RHEL7 anyway. The upstream fix: http://git.hands.com/?p=ssh-copy-id.git;a=commitdiff;h=d23b6e4f
That "upstream" fix was comitted on Fri, 18 Jun 2010 SIX YEARS AGO. "Upstream" What a joke. WHY IS THE CURRENT, LATEST, SUPPORTED RHEL6 USING A VERSION OF OPENSSH-CLIENTS WHICH DOES NOT CONTAIN SOMETHING THAT WAS COMMITTED 6 YEARS AGO?
It was committed into upstream openssh-5.5p1. In RHEL6 we ship stable version openssh-5.3p1 and we didn't rebase since that time (point of stable distribution). It is unfortunate that the previous bug (for RHEL5) was not cloned to RHEL6 earlier, but using Caps Lock will not help this fixed in any way. You are welcome to update to RHEL7 with newer version of openssh and this bug fixed, or escalate this issue through your Red Hat support (Bugzilla is not a support tool).
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2017-0641.html