RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1353410 - [ssh-copy-id] add "The agent has no identities." in remote ~/.ssh/authorized_keys
Summary: [ssh-copy-id] add "The agent has no identities." in remote ~/.ssh/authorized_...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssh
Version: 6.9
Hardware: All
OS: Linux
unspecified
high
Target Milestone: rc
: ---
Assignee: Jakub Jelen
QA Contact: Stefan Dordevic
URL:
Whiteboard:
Depends On: 1012262
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-07-07 02:42 UTC by JianHong Yin
Modified: 2017-03-21 10:02 UTC (History)
5 users (show)

Fixed In Version: openssh-5.3p1-119.el6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1012262
Environment:
Last Closed: 2017-03-21 10:02:34 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
proposed (upstream) patch for RHEL6 (418 bytes, patch)
2016-07-07 08:31 UTC, Jakub Jelen 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0641 0 normal SHIPPED_LIVE Moderate: openssh security and bug fix update 2017-03-21 12:31:22 UTC

Description JianHong Yin 2016-07-07 02:42:30 UTC 
+++ This bug was initially created as a clone of Bug #1012262 +++

Description of problem:
In my RHEL5.10, virtual host; after ssh-copy-id, can not login without passwd;
and find that it just add "The agent has no identities." in remote authorized_keys

Version-Release number of selected component (if applicable):
authorized_keys

How reproducible:
In my virtual host always; ( 10.66.13.194 root:redhat )
But In a beaker machine not reproduce.

Steps to Reproduce:
1. ssh-copy-id  $host
2. ssh $host
3.

Actual results:
can not login without passwd

Expected results:
login without passwd

Additional info:
  if add -i option, it works fine;

--- Additional comment from Petr Lautrbach on 2014-01-17 08:25:31 EST ---

This Bugzilla has been reviewed by Red Hat and is not planned on being
addressed in Red Hat Enterprise Linux 5, and therefore will be closed.
If this bug is critical to production systems, please contact your Red
Hat support representative and provide sufficient business
justification.

--- Additional comment from BugMasta on 2016-07-06 22:23:47 EDT ---

Yeah thanks a lot.
More great work.

This bug is still present in RHEL6.8, July 2016.

All you had to do was give an error message when the user runs ssh-copy-id, instead of misleading the user by apparently completing successfully.

But you couldn't do that could you. You just ignored the issue.

PATHETIC.

IT IS THIS SORT OF LAZINESS WHICH MAKES USING RHEL AN UTTER NIGHTMARE.

EVERY DAY I ENCOUNTER BUG AFTER BUG AFTER BUG, AND 9/10 OF THEM HAVE BEEN FOUND YEARS AGO, BUT STUPIDITY AND LAZINESS HAS PREVENTED A FIX.
Comment 2 Jakub Jelen 2016-07-07 08:31:02 UTC 
Created attachment 1177214 [details]
proposed (upstream) patch for RHEL6

Steps to reproduce:

 1. Start ssh-agent and do not add any identity:

   $ eval `ssh-agent`

 2. Try ssh-copy-id (make sure there is not passwordless access yet):

   $ ssh-copy-id localhost

 3. Check authorized_keys:

    $ cat ~/.ssh/authorized_keys
    
    The agent has no identities.

It is a bug, but quite late in the round since we entered in the Production Phase 2 with RHEL6. This works fine in RHEL7 anyway.

The upstream fix:
http://git.hands.com/?p=ssh-copy-id.git;a=commitdiff;h=d23b6e4f
Comment 3 BugMasta 2016-07-07 08:55:40 UTC 
That "upstream" fix was comitted on 

	Fri, 18 Jun 2010

SIX YEARS AGO.

"Upstream" What a joke.

WHY IS THE CURRENT, LATEST, SUPPORTED RHEL6 USING A VERSION OF OPENSSH-CLIENTS WHICH DOES NOT CONTAIN SOMETHING THAT WAS COMMITTED 6 YEARS AGO?
Comment 4 Jakub Jelen 2016-07-07 10:59:03 UTC 
It was committed into upstream openssh-5.5p1. In RHEL6 we ship stable version openssh-5.3p1 and we didn't rebase since that time (point of stable distribution).

It is unfortunate that the previous bug (for RHEL5) was not cloned to RHEL6 earlier, but using Caps Lock will not help this fixed in any way.

You are welcome to update to RHEL7 with newer version of openssh and this bug fixed, or escalate this issue through your Red Hat support (Bugzilla is not a support tool).
Comment 10 errata-xmlrpc 2017-03-21 10:02:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0641.html
Note You need to log in before you can comment on or make changes to this bug.