Ubuntu 16.04 ssh: sign_and_send_pubkey: signing failed: agent refused operation

ssh 16.04

Solution 1:

Looks like an ssh-agent is running already but it can not find any keys attached. To solve this add the private key identities to the authentication agent like so:

ssh-add

Then you can ssh into your server.

in addition, you can see the list of fingerprints of all identities currently added by:

ssh-add -l

Solution 2:

Simple Solution

I had the same problem on Ubuntu 18.04. That's all about client-side private key permissions.

$ ssh [email protected]
sign_and_send_pubkey: signing failed: agent refused operation

The file permissions were too open (0644).

The following command solved it:

chmod 600 ~/.ssh/id_rsa

Solution 3:

I had the same problem (same symptoms) 

sam@xxxxx:~/.ssh$ ssh [email protected]
sign_and_send_pubkey: signing failed: agent refused operation
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

... but the solution was different.

The problem was coming from the use of GNOME-KEYRING. The post referring to the solution may be read here.

In short:

  1. Detect the problem by adding SSH_AUTH_SOCK=0 in front of the ssh command. sam@xxxxx:~/.ssh$ SSH_AUTH_SOCK=0 ssh [email protected]
  2. In case it succeed to connect. Open the application StartUp Application (by using the search function of the Desktop for example) and disable the use of gnome-keyring.
  3. Reboot

The page provide other details in case of similar problem with different solution.

Solution 4:

I was getting the sign_and_send_pubkey: signing failed: agent refused operation when logging into several servers and read VonC's answer on Stack Overflow for more information about related bugs. The solution for me was to remove gnome-keyring, delete identities from ssh-agent, and reboot.

sudo apt-get autoremove gnome-keyring
ssh-add -D

Then all my keys started to work perfectly.

Temporary solution without uninstalling keyring

If you want to keep the gnome-keyring on the local computer and you have the agent refused operation error, use:

eval `ssh-agent -s`
ssh-add

or use SSH_AUTH_SOCK=0 ssh your-server.

Permanent solution without uninstalling keyring

If you can, gnome-keyring is compatible with 4096 bit RSA key, so just generate a new key with:

ssh-keygen -t rsa -f ~/.ssh/your-key-name -b 4096 -v -C root

Upload public key to the server:

ssh-copy-id -i ~/.ssh/your-key-name.pub [email protected]

Add ssh key to the agent:

ssh-add ~/.ssh/your-key-name

This should work without any additional hacks and gnome-keyring can remain installed.

(The -C [username] is optional, but required by providers like Google Cloud.)

Solution 5:

After upgrading to Ubuntu 18.04 I got the same error sign_and_send_pubkey: signing failed: agent refused operation. Turns out it was caused by the permissions of the ssh key being too open. The following command fixed the problem for me chmod 600 .ssh/id_rsa

Related

How to make partitions mount at startup?
Where are sudo's insults stored?
How do I find out which process is eating up my bandwidth?
How to list manually installed packages?
How do I install .run files?
How to choose the default gcc and g++ version?
Difference between systemctl and service commands
How to unzip .tgz file using the terminal?
How do I check my version of GNOME-Shell?
How can I securely erase a hard drive?
can't login as mysql user root from normal user account in ubuntu 16.04
Where are MTP mounted devices located in the filesystem?