It worked with ssh-agent and still works without any agent -- settings in ~/.ssh/config just work as they should. But with gpg-agent there is such a mess.
2014-02-15 18:19 GMT+04:00 Faru Guredo <[email protected]>: > After I have done small investigation, I've found that it's only the > second try when gpg-agent uses wrong identity. The first is done with > correct identity, but ssh server failed to authenticate the key because of > this error: > > error: RSA_public_decrypt failed: > error:0407006A:lib(4):func(112):reason(106) > debug1: ssh_rsa_verify: signature incorrect > > Both keys are RSA with the same length (4096). > > debug1: Server accepts key: pkalg ssh-rsa blen 535. > > But ssh server refuses to validate the first and approves only the latter > one (there is a gitolite installation) which causes the push to be done > with the wrong key, and hence, the wrong username. > > > 2014-02-14 10:23 GMT+04:00 Faru Guredo <[email protected]>: > > Hello. >> >> I am migrating from ssh-agent to gpg-agent and have successfully loaded >> my SSH keys into the new agent, >> >> $ ssh-add -l >> 4096 5c:f3:b8:34:56:31:08:88:7b:4d:a3:ce:d8:9b:62:d7 >> /home/faru/.ssh/first-company (RSA) >> 4096 d9:14:07:00:15:c4:7b:70:c4:94:73:6c:bb:5d:25:42 >> /home/faru/.ssh/second-company (RSA) >> 4096 df:19:f5:24:c7:2f:09:c3:ef:15:03:9f:aa:46:4c:06 >> /home/faru/.ssh/third-company (RSA) >> 4096 05:28:b8:2b:dc:65:55:d3:62:8b:37:e7:b5:a6:df:a4 >> /home/faru/.ssh/fourth-company (RSA) >> >> And in ~/.ssh/config I have lines, telling that ~/.ssh/third-company >> should be used when connecting to third-company.com >> >> Host third-company >> HostName third-company.com >> User git >> IdentityFile ~/.ssh/third-company >> >> Though, when I push commits there, git on the server says 'Access denied >> for first-company'. So I figured out that gpg-agent uses first available >> key instead of looking at the host and settings in ~/.ssh/config >> Host is defined in .git/config as >> >> [remote "origin"] >> url = ssh://git@third-company/reponame.git >> >> How could I fix that? >> > >
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
