I use gpg-agent as ssh agent. After I upgraded gnupg to version 2.1.8, I can't
use my ssh key (ed25519) to log in anymore. It was working in version 2.1.7.
This is the output of ssh-add -L
key_from_blob: invalid format
That is interesting.
Which version of Libgcrypt are you using? (gpg --version shows it)
When did you create your GPG key of ed25519?
Or... did you register your SSH key by ssh-add?
If so, gnupg/agent/command-ssh.c:2147 doesn't add prefix 0x40.
That's the problem.
Sorry, that's my badness. I didn't look through this code path.
If you can binary-edit, please add
prefix @ (0x40) to the public key in the *.key file.
There is the sequence like:
...(3:ecc(5:curve7:Ed25519)(5:flags5:eddsa)(1:q32...
This should be changed:
...(3:ecc(5:curve7:Ed25519)(5:flags5:eddsa)(1:q33@...
Sorry for your inconvenience.
Which version of Libgcrypt are you using? (gpg --version shows it)
libgcrypt-config --version
1.6.4
When did you create your GPG key of ed25519?
Or... did you register your SSH key by ssh-add?
The ssh key was generated by "ssh-keygen -t ed25519" and added by ssh-add.
If you can binary-edit, please add
prefix @ (0x40) to the public key in the *.key file.
I changed from:
(3:ecc(5:curve7:Ed25519)(5:flags5:eddsa)(1:q32:..
to:
(3:ecc(5:curve7:Ed25519)(5:flags5:eddsa)(1:q33@:..
then 'ssh-add -L', and get
The agent has no identities.
It doesn't seem to work for me. By the way, I switched to version 2.1.7, which
doesn't have this problem.
This has been fixed in the repo (7d5999f). AFAICS, you need to ssh-add the key
again.
It has been fixed. However, because the keygrip is the same (before the fix and
after the fix), ssh-add doesn't update the file.
A user needs to remove the file first.
I'm not sure what to suggest here.
Perhaps getting the keygrip by 'gpg-connect-agent "keyinfo --ssh-list" /bye',
then removing the file, and then running ssh-add again.
If it's Bash, it is like:
$ rm -i ~/.gnupg/private-keys-v1.d/$(gpg-connect-agent "KEYINFO --ssh-list" /bye | awk '{print $3}').key
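
A check for the condition discussed in this thread, as an added example that is not part of the original report or of GnuPG's code: it parses a canonical S-expression and reports whether the Ed25519 `q` value is the 32-byte form or the 33-byte form that starts with 0x40. In this encoding each atom is a decimal length, a colon, then the raw bytes. The function names, result strings and sample blobs (including the `private-key` wrapper) are constructed for illustration.

```python
def parse_sexp(buf, pos=0):
    """Parse one canonical S-expression at buf[pos]; return (value, next_pos).
    Lists become Python lists, atoms become bytes."""
    if buf[pos:pos + 1] == b"(":
        pos += 1
        items = []
        while buf[pos:pos + 1] != b")":
            if pos >= len(buf):
                raise ValueError("unterminated list")
            item, pos = parse_sexp(buf, pos)
            items.append(item)
        return items, pos + 1
    colon = buf.index(b":", pos)          # atom = <decimal length>:<raw bytes>
    digits = buf[pos:colon]
    if not digits.isdigit():
        raise ValueError("bad atom length at offset %d" % pos)
    end = colon + 1 + int(digits)
    if end > len(buf):
        raise ValueError("truncated atom")
    return buf[colon + 1:end], end

def find_list(node, name):
    """Depth-first search for the first list whose head atom equals name."""
    if isinstance(node, list):
        if node and node[0] == name:
            return node
        for child in node:
            hit = find_list(child, name)
            if hit is not None:
                return hit
    return None

def classify_ed25519_q(blob):
    """Return 'prefixed', 'unprefixed', 'unexpected', 'no-q' or 'not-ed25519'."""
    tree, _ = parse_sexp(blob)
    ecc = find_list(tree, b"ecc")
    if ecc is None or [b"curve", b"Ed25519"] not in ecc:
        return "not-ed25519"
    q = find_list(ecc, b"q")
    if q is None or len(q) != 2 or not isinstance(q[1], bytes):
        return "no-q"
    if len(q[1]) == 33 and q[1][:1] == b"@":   # 0x40 prefix present
        return "prefixed"
    return "unprefixed" if len(q[1]) == 32 else "unexpected"

# Constructed sample data: 32 placeholder bytes standing in for a public point.
POINT = bytes(range(32))
HEAD = b"(11:private-key(3:ecc(5:curve7:Ed25519)(5:flags5:eddsa)"
OLD_FORM = HEAD + b"(1:q32:" + POINT + b")))"
NEW_FORM = HEAD + b"(1:q33:@" + POINT + b")))"
```
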