I would like to use two different services that use public key authentication, without having to always input my pass-phrase.
What I want:
- to be able to type git pull without entering my login/password or my passphrase
- to be able to type gcloud [...] ssh [...] without entering my passphrase each time.
As of today:
git pull does not ask me to enter my credentials, they are stored inside ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.
gcloud ... ssh ... always asks me to enter my passphrase:
$ gcloud … ssh …
sign_and_send_pubkey: signing failed: agent refused operation
Enter passphrase for key '/home/BeChillerToo/.ssh/google':
This is the content of my ~/.ssh/config:
IdentityFile ~/.ssh/google
IdentityFile ~/.ssh/id_rsa
And the content of /etc/ssh/ssh_config:
Host *
PasswordAuthentication yes
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
EDIT:
My keys seem to be badly added.
Here's the result of ssh-add -l after I boot:
2048 SHA256:+nCvs...CUM+DHqA4 chill@laptop (RSA)
4096 SHA256:bTgKQM...ok chill@gmail.com (RSA)
4096 SHA256:92d3Wy...jc chill@work-mail.com (RSA)
And then after I add the google-compute-engine key:
2048 SHA256:+nCvs...CUM+DHqA4 /home/chill/.ssh/google_compute_engine (RSA)
4096 SHA256:bTgKQM...ok chill@gmail.com (RSA)
4096 SHA256:92d3Wy...jc chill@work-mail.com (RSA)
The key related to chill@work-mail.com is the one I use for Github, hence why I don't have to provide credentials to git pull.
And I suspect that the first key (the one that switches from chill@laptop to /home/chill/.ssh/google_compute_engine) is the one causing the problem with gcloud:
$ gcloud compute ... ssh ...
sign_and_send_pubkey: signing failed: agent refused operation
Enter passphrase for key '/home/chill/.ssh/google_compute_engine':
Best Answer
Use ssh-agent. In an X environment GNOME keyring or KDE wallet can handle the keys automatically. In the console environment start the ssh-agent like this:
After the ssh-agent is started (with the eval), you can add SSH keys with ssh-add.
With current versions of SSH you can also add the option AddKeysToAgent to the ~/.ssh/config file:
This will automatically add the keys to the agent, if the environment variables SSH_AUTH_SOCK and SSH_AGENT_PID are set.
Also check this post for the sign_and_send_pubkey: signing failed: agent refused operation error.
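The steps in the answer above, written out as an added example that is not part of the original answer: it starts an agent only when none is reachable, sets AddKeysToAgent once at the top of the config, and loads only keys the agent does not already list. The function names are hypothetical; the key paths in the usage comment are the ones from the question.

```shell
# Added example; function names are hypothetical, key paths come from the question.

# Start an agent for this shell only when none is reachable.
# ssh-add -l exits 2 when it cannot contact an agent (0: keys listed, 1: agent empty).
ensure_agent() {
    agent_rc=0
    ssh-add -l >/dev/null 2>&1 || agent_rc=$?
    if [ "$agent_rc" -eq 2 ]; then
        eval "$(ssh-agent -s)" >/dev/null
    fi
}

# Put "AddKeysToAgent yes" at the top of an ssh config file, once.
# Options placed before the first Host line apply to every host.
enable_add_keys_to_agent() {
    cfg=$1
    [ -f "$cfg" ] || : >"$cfg"
    if grep -qiE '^[[:space:]]*AddKeysToAgent[[:space:]=]' "$cfg"; then
        return 0    # already configured, leave the existing setting alone
    fi
    tmp=$(mktemp "$cfg.XXXXXX") || return 1
    { printf 'AddKeysToAgent yes\n'; cat "$cfg"; } >"$tmp" && mv "$tmp" "$cfg"
    chmod 600 "$cfg"    # keep the config private to the user
}

# Load each key file unless its fingerprint is already listed by the agent,
# so the passphrase is asked for at most once per key and per agent.
load_keys() {
    for key in "$@"; do
        [ -f "$key" ] || continue
        fp=$(ssh-keygen -lf "$key" 2>/dev/null | awk '{print $2}')
        if [ -z "$fp" ] || ! ssh-add -l 2>/dev/null | grep -qF "$fp"; then
            ssh-add "$key"
        fi
    done
}

# Typical use, sourced from ~/.bashrc so the agent variables reach the shell:
#   ensure_agent
#   enable_add_keys_to_agent ~/.ssh/config
#   load_keys ~/.ssh/id_rsa ~/.ssh/google_compute_engine
```

Comparing SHA256 fingerprints, as printed by ssh-add -l in the question, identifies a loaded key even when the agent shows it under a different comment or path.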