ssh-add -c makes ssh unusable?

asked 2019-04-08 07:37:35 -0600

pipomoreno gravatar image

updated 2019-04-08 10:53:36 -0600

This was working fine in fed 28, not working in fed 29

gnome-session is started via ssh-agent in Xclients.gnome-session.sh

#!/bin/sh

exec -l $SHELL -c "$SSH_AGENT gnome-session"

To prevent ssh agent hijacking I intend to use ssh-add -c, like:

ssh-add -c id_rsa

the goal is to make sure that there is a dialog which always asks for confirmation. However, when I do this and try to ssh somewhere, it says:

sign_and_send_pubkey: signing failed: agent refused operation

and then asks for password. If I run

ssh-add id_rsa

then ssh-ing works again. How could I ensure that there is a confirmation for agent forwarding?

edit retag flag offensive close merge delete