Red Hat Bugzilla – Bug 18789
ssh ``dumb'' about DSA keys held by ssh-agent
Last modified: 2007-04-18 12:29:09 EDT
When ssh connects to a machine that doesn't recognize any of the DSA keys
held by ssh-agent, ssh will try ~/.ssh/id_dsa even if ssh-agent has already
provided an unlocked copy of ~/.ssh/id_dsa.
This means that the user is pointlessly prompted for a passphrase for a DSA
key that won't be accepted.
This is not quite true in my experience--
Openssh to ssh2 server version 2.3.0 works fine with the agent and no prompting.
Openssh to ssh2 server version 2.1.0 doesn't work with the information it gets
from the agent, but it is able to get the same key from the same id file after
it prompts for the passphrase.
Check the permissions of the remote ~/.ssh/authorized_keys2 file.
The manpage suggests some.
Do you see this behaviour with more recent versions of OpenSSH?
Have you checked the permissions?
If there are still problems, please provide more data by running ssh -v -v -v and sshd -d -d -d.
No response from reporter.