On 2022-04-11, Vagrant Cascadian wrote: > On 2022-03-28, Philippe Grégoire wrote: >> After upgrading openssh-client to 8.9p1, Yubikey-managed SSH keys >> can no longer be used. After downgrading to 1:8.4p1-5, it works. >> I believe this is due to recent changes in OpenSSH 8.9 regarding >> ssh-agent communication protocol which GnuPG hasn't yet picked up, >> but haven't found anything on GnuPG's bug tracker. > >> $ ssh example.com >> sign_and_send_pubkey: signing failed for ED25519 "cardno:XXXXXXXX" from >> agent: agent refused operation >> usern...@example.com's password: > > Same problem with Gnuk, presumably multiple or all smartcards are > affected?
According to some folks on irc.oftc.net #debian-devel, not all smartcards are affected, we're the lucky ones! I am using a fairly old build of gnuk, maybe newer firmware versions have been made compatible somehow... ? > Although I was until today using openssh 8.9 just fine, it wasn't until > the openssh 9.0 upgrade that it stopped working for me... For me, downgrading to openssh 1:8.9p1-3 seems to work fine. I've marked that version of openssh as hold for now, but that feels very wrong. :/ live well, vagrant
signature.asc
Description: PGP signature
