SSH ForwardAgent, “Could not open a connection to your authentication agent.”

ssh, ssh-agent

I have ForwardAgent yes for a few hosts. One of them started failing recently and I can't find the reason.

When I ssh to all hosts and execute ssh-add -l I can see one key just fine. If I ssh to that one host, I get "Could not open a connection to your authentication agent."

I already tried ssh agent forwarding fails with "Could not open a connection to your authentication agent" but it wasn't applicable in my case. I get no debug statement about not being able to write to /tmp as that one did.

Here is my ssh -vvv output:

...
debug1: Authentication succeeded (publickey).
Authenticated to host_that_fails ([1.2.3.4]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-agent-req@openssh.com confirm 0
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
...
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
...

On the failing host I can see the env variables

SSH_CLIENT=1.2.3.1 45320 22
SSH_TTY=/dev/pts/0
SSH_CONNECTION=1.2.3.1 45320 1.2.3.4

On the hosts that still work I can also see SSH_AUTH_SOCK

Anyone have any idea what is going wrong here?

Best Answer

I've recently faced the same issue. The root cause was a new agent that had been started, and the connection went there instead of to the forwarded agent. My .bash_profile contained logic that started a "persistent" agent instance based on .ssh/environment. Removing this "persistent" agent resolved my issue.
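
The failure mode described in the answer, as an added example that is not part of the original answer: a login-profile snippet that falls back to a "persistent" agent only when SSH_AUTH_SOCK does not already point at a socket, so a forwarded agent is never shadowed. The function names are hypothetical, and the example assumes the environment file holds saved `ssh-agent -s` output.

```shell
#!/bin/sh
# Added example: agent selection for a login profile (e.g. ~/.bash_profile).
# Assumption: the "persistent" agent file holds saved `ssh-agent -s` output,
# i.e. lines such as "SSH_AUTH_SOCK=/path/agent.123; export SSH_AUTH_SOCK;".

# Print the SSH_AUTH_SOCK path recorded in the saved agent file, if any.
saved_agent_sock() {
    [ -r "$1" ] || return 0
    sed -n 's/^SSH_AUTH_SOCK=\([^;]*\);.*/\1/p' "$1" | head -n 1
}

# Decide what the profile should do. Prints one of:
#   keep   - SSH_AUTH_SOCK already points at a socket (set by sshd for a
#            forwarded agent, or by a local session); do not override it
#   reuse  - no usable socket in the environment, but the saved one exists
#   start  - nothing usable (file missing or socket stale); start an agent
choose_agent_action() {
    env_file=$1
    if [ -n "${SSH_AUTH_SOCK:-}" ] && [ -S "$SSH_AUTH_SOCK" ]; then
        echo keep
        return 0
    fi
    saved=$(saved_agent_sock "$env_file")
    if [ -n "$saved" ] && [ -S "$saved" ]; then
        echo reuse
    else
        echo start
    fi
}

# Apply the decision. Only "reuse" and "start" touch SSH_AUTH_SOCK.
setup_agent() {
    env_file=$1
    case $(choose_agent_action "$env_file") in
        keep)  : ;;
        reuse) . "$env_file" >/dev/null ;;
        start) (umask 077; ssh-agent -s > "$env_file") && . "$env_file" >/dev/null ;;
    esac
}

# In the profile: setup_agent "$HOME/.ssh/environment"
```

With this guard, `ssh-add -l` on the remote host talks to the forwarded agent whenever sshd has set SSH_AUTH_SOCK, and the persistent agent is used only for sessions that arrive without one.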