# ssh keychain not working

## evoweiss

Hi all,

For some time now I've been able to login without a password via the ssh keychain. After an openssh upgrade to 7.1 to 6.9, it has stopped working. I am not sure what has happened and I tried to redo the steps but to no avail. There doesn't appear to be anything missing in the config file, unless this has changed.

Any thoughts on where to start?

Best,

Alex

Edited: Changed the versionLast edited by evoweiss on Wed Nov 04, 2015 2:23 pm; edited 1 time in total

----------

## krinn

you mean something like that?

https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html

i mean they default disable it, so a newer version may have totally drop the option and reenable it won't works.

----------

## evoweiss

 *krinn wrote:*   

> you mean something like that?
> 
> https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html
> 
> i mean they default disable it, so a newer version may have totally drop the option and reenable it won't works.

 

Ah... I didn't see that earlier, thanks. I will see whether generating a new keypair using RSA works. Somehow,  I think it will. 

Best,

Alex

----------

## evoweiss

 *krinn wrote:*   

> you mean something like that?
> 
> https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html
> 
> i mean they default disable it, so a newer version may have totally drop the option and reenable it won't works.

 

Unfortunately, I am still having trouble. For some reason when I log in I get the following:

```

Enter passphrase for key '/home/X/.ssh/id_rsa': 

You have new mail in folder /var/mail/X.

 * Warning: can't find /home/X/.ssh/id_dsa; skipping

 * keychain 2.8.1 ~ http://www.funtoo.org

 * Found existing ssh-agent: 2266

 * Warning: can't find /home/X/.ssh/id_rsa; skipping

```

My .bashrc has the following in it:

```

keychain ~/.ssh/id_rsa

source ${HOME}/.keychain/${HOSTNAME}-sh

```

I cannot seem to add keys to ssh.

Sorry for being so terse, but I am in the middle of other things. A headache doesn't help, either  :Smile: .

Best,

Alex

----------

## khayyam

 *evoweiss wrote:*   

> 
> 
> ```
> Enter passphrase for key '/home/X/.ssh/id_rsa':
> 
> ...

 

evoweiss ... the fact that you're asked for the pass prior to the error, and the 'found existing ssh agent', suggests that $SSH_AUTH_SOCK and $SSH_AGENT_PID are set. I'm not sure why this seems to be run twice, but I suspect you might have the same code in .bash_profile, or .bash_login, where (given that it only needs to be run for a login shell) I'd expect it to go. That not being the case then I'd suggest the following:

~/.bash_profile ... or ~/.bash_login

```
keychain id_rsa

[[ -n "$HOSTNAME" ]] || HOSTNAME="$(uname -n)"

[[ -f $HOME/.keychain/$HOSTNAME-sh ]] && source $HOME/.keychain/$HOSTNAME-sh
```

Note you'll need to start a login shell for changes to come into effect ...

```
$ exec bash --login

$ echo -e $SSH_AUTH_SOCK\\n$SSH_AGENT_PID
```

HTH & best ... khay

----------

## evoweiss

Dear Khay,

Thanks... I was apparently making a silly mistake, likely a result of said headache and my general tiredness. All is running well now.

Best,

Alex

 *khayyam wrote:*   

>  *evoweiss wrote:*   
> 
> ```
> Enter passphrase for key '/home/X/.ssh/id_rsa':
> 
> ...

 

----------

