dit*_*iti 14 ssh terminal ssh-agent
为了忘记私钥密码(id_rsa),我通常运行:
ssh-add -D # to forget all loaded identities
ssh-add -d # to forget primary identity ($HOME/.ssh/id_rsa)
现在使用 macOS Sierra v10.12.1 我收到这个错误:
$ ssh-add -D
All identities removed.
$ ssh-add -d
Could not remove identity "/Users/user/.ssh/id_rsa": agent refused operation
Could not remove identity "/Users/user/.ssh/id_dsa": agent refused operation
我搜索谷歌没有运气!
Nel*_*els 10
就我而言,我遇到了一个稍微不同的问题。当我调用ssh-add -D代理时,它似乎成功并做出响应,All identities removed.但事实上,在列出代理密钥时,ssh-add -l不需要的密钥仍然列出,当然,当尝试使用代理对远程主机进行身份验证时,代理会提示我使用我配置的pin 程序将密码短语设置为不需要的密钥。恼人的。
问题的原因是我的 gpg-agent 守护进程已将密钥缓存在路径下的文件中~/.gnupg/sshcontrol:
$ cat ~/.gnupg/sshcontrol
# List of allowed ssh keys. Only keys present in this file are used
# in the SSH protocol. The ssh-add tool may add new entries to this
# file to enable them; you may also add them manually. Comment
# lines, like this one, as well as empty lines are ignored. Lines do
# have a certain length limit but this is not serious limitation as
# the format of the entries is fixed and checked by gpg-agent. A
# non-comment line starts with optional white spaces, followed by the
# keygrip of the key given as 40 hex digits, optionally followed by a
# caching TTL in seconds, and another optional field for arbitrary
# flags. Prepend the keygrip with an '!' mark to disable it.
# RSA key added on: 2021-06-03 16:23:25
# Fingerprints: MD5:c1:[elided]:24
# SHA256:+Mj[elided]E4
21[elided]C9 0
# Ed25519 key added on: 2021-06-03 22:11:36
# Fingerprints: MD5:[elided]:24:da
# SHA256:EL[elided]Zs
E0[elided]47 0
从 中删除这些密钥使~/.gnupg/sshcontrol我能够恢复使用 gpg-agent 来对远程主机进行身份验证,而无需代理要求我不再使用的密钥的密码。
小智 6
当引用的身份与添加的身份不同时,我就发生了此错误。该-d选项删除特定的键。如果该密钥从未加载过,则拒绝将其删除。您可以检查加载的密钥ssh-add -l并检查密钥签名ssh-keygen -lf <path-to-private-key>
| 归档时间: |
|
| 查看次数: |
24953 次 |
| 最近记录: |