I have ForwardAgent yes for a few hosts. One of them started failing recently and I can't find the reason.
When I ssh to all hosts and execute ssh-add -l I can see one key just fine. If I ssh to that one host, I get "Could not open a connection to your authentication agent."
I already tried ssh agent forwarding fails with "Could not open a connection to your authentication agent" but it wasn't applicable in my case. I get no debug statement about not being able to write to /tmp as that one did.
Here is my ssh -vvv output:
...
debug1: Authentication succeeded (publickey).
Authenticated to host_that_fails ([1.2.3.4]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug1: Requesting authentication agent forwarding.
debug2: channel 0: request auth-agent-req@openssh.com confirm 0
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
...
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
...
On the failing host I can see the env variables:
SSH_CLIENT=1.2.3.1 45320 22
SSH_TTY=/dev/pts/0
SSH_CONNECTION=1.2.3.1 45320 1.2.3.4
On the hosts that still work I can also see SSH_AUTH_SOCK.
Anyone have any idea what is going wrong here?
I've recently faced the same issue. The root cause was a new agent that had been started, and the connection went there instead of to the forwarded agent. My .bash_profile contained logic that started a "persistent" agent instance based on .ssh/environment. Removing this "persistent" agent resolved my issue.
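For readers who want to keep a persistent agent without shadowing a forwarded one, here is a profile guard for the collision described in the answer above. It is an added example, not code from either poster; the function names and the AGENT_ENV, AGENT_PROBE and AGENT_START variables are hypothetical, and the probe and start commands are overridable only so the logic can be exercised without a real agent.

```shell
# Added example for ~/.bash_profile; names below are hypothetical, not from the posts.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/environment}"   # file holding the persistent agent's variables
AGENT_PROBE="${AGENT_PROBE:-ssh-add -l}"           # command used to test the current socket
AGENT_START="${AGENT_START:-ssh-agent -s}"         # command that prints Bourne-style agent variables

# True when SSH_AUTH_SOCK is set and an agent answers on it.
# ssh-add -l exits 0 (keys listed) or 1 (agent reachable, no keys);
# exit status 2 means the agent could not be contacted.
agent_reachable() {
    [ -n "${SSH_AUTH_SOCK:-}" ] || return 1
    $AGENT_PROBE >/dev/null 2>&1 || [ $? -eq 1 ]
}

# Decides which agent the login shell uses and prints the choice:
#   forwarded - sshd already exported a working SSH_AUTH_SOCK, so nothing is touched
#   saved     - the agent recorded in AGENT_ENV is still alive and is reused
#   new       - nothing usable was found, so a fresh persistent agent is started
select_agent() {
    if agent_reachable; then
        echo forwarded
        return 0
    fi
    if [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV" >/dev/null
        if agent_reachable; then
            echo saved
            return 0
        fi
    fi
    # Keep the socket path private to the account: create the file with mode 0600.
    (umask 077; $AGENT_START > "$AGENT_ENV")
    . "$AGENT_ENV" >/dev/null
    echo new
}

# In the profile itself, call it in the current shell so the exports persist:
#   select_agent >/dev/null
```

The key difference from an unconditional "persistent agent" block is the first check: a forwarded socket that answers is never overwritten.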