dlech / KeeAgent

ssh agent plugin for KeePass 2.x
http://lechnology.com/software/keeagent

Cannot load all ssh-keys of my keepass #324

Open Kavernes opened 2 years ago

Kavernes commented 2 years ago

Good day to you community.

I started to use KeeAgent only recently and found it awesome to use. It worked fine until I noticed some issues that I don't manage to explain. From the KeePass UI all my keys are marked as "Loaded", but from "Tools > KeeAgent" I can see only 13 keys loaded (versus around 30 in reality). When I use ssh.exe or Visual Studio Code with the "Remote SSH" plugin, some of the keys in the list are usable but some of them are not, despite the fact that they appear loaded.

I am not sure what kind of log or evidence I could provide that could help to understand this issue. Thanks for your help.

MarviMcFly commented 2 years ago

Hi, I also recently started to use KeeAgent and I wasn't able to import my first key-pair. While searching for a solution I found #316. My key-pair was created with PuTTYgen version 0.75, which leads to a currently not supported format, as the format is now PPKv3 (as far as I understood).

Thankfully there is a CI build (https://github.com/dlech/KeeAgent/actions/runs/1665388970) which I haven't tested yet and a version from one of the contributors. So you may check them out. Eventually they will help you.

I would guess the first and foremost important information would be the differences between the "working" and "not working" keys. For example like file format, how they were generated, etc.

dlech commented 2 years ago

There is also usually a server-imposed limit on how many keys can be tried (e.g. OpenSSH server will only try the first 6 keys). There are a number of workarounds for this:

Kavernes commented 2 years ago

Hi @MarviMcFly, @dlech,

Thank you very much for your feedback. Apparently my issue is the one described by @dlech. I applied the workaround "Show selection dialog when a client program requests a list of keys" (Workaround 2). So for security purposes I don't have my keys on the filesystem (Workaround 1) and I still check "Add key to agent when database is opened/unlocked" for UX purposes (Workaround 1).

One last question though: it seems like I cannot load more than 16 keys in my KeeAgent database (the 16th key is overwritten when I try to add a 17th key). Is this a known issue? All my keys have been generated under Windows using OpenSSH (ssh-keygen command) with algorithm ed25519.

dlech commented 2 years ago

> seems like I cannot load more than 16 keys in my KeeAgent database (The 16th key is overwritten when I try to add a 17th key). Is this a known issue?

I don't recall this being reported before.

Kavernes commented 2 years ago

Oh I see. Then would you mind helping me find out the log or any debug of the application? I try to find some errors or information about what's happening when I load a new key but without any success...

dlech commented 2 years ago

There is no debug logging. If you could create a new database with new keys that reproduces the issue for testing and attach it to a comment here, I can have a look at it.

kwomba commented 2 years ago

I do have the same issue as @Kavernes. Only 13 keys are loaded. I can manually add more, but the next time KeePass starts only 13 keys are loaded.

Is there any order in which the keys are loaded?

kwomba commented 2 years ago

I have to come back to what I wrote before. After doing some debugging I found out that some keys were not loaded because they were duplicates of earlier loaded keys. So seems that the 13 was pure coincidence.
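
The duplicate-key explanation in the last comment can be checked from outside KeePass. The following is an added example, not KeeAgent code and not posted by anyone in the thread: it groups public keys in `ssh-add -L` style output by SHA256 fingerprint and reports any key that appears under more than one entry. The function names are hypothetical and the sample lines are constructed.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form printed by `ssh-add -l`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def blob_key_type(blob: bytes) -> str:
    """A public key blob starts with a length-prefixed algorithm name."""
    (n,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + n].decode("ascii")


def group_by_fingerprint(listing: str) -> dict:
    """Map fingerprint -> list of comments for every key line in the listing."""
    seen = defaultdict(list)
    for line in listing.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 2 or line.startswith("#"):
            continue
        key_type, b64 = parts[0], parts[1]
        comment = parts[2] if len(parts) > 2 else ""
        blob = base64.b64decode(b64, validate=True)
        if blob_key_type(blob) != key_type:
            raise ValueError(f"key type mismatch for {comment!r}")
        seen[fingerprint(blob)].append(comment)
    return dict(seen)


def find_duplicates(listing: str) -> dict:
    """Only the fingerprints that occur under more than one entry."""
    return {fp: c for fp, c in group_by_fingerprint(listing).items() if len(c) > 1}


def _sample_line(seed: int, comment: str) -> str:
    # Constructed sample: 32 filler bytes stand in for an ed25519 public key.
    blob = (struct.pack(">I", 11) + b"ssh-ed25519"
            + struct.pack(">I", 32) + bytes([seed]) * 32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


SAMPLE = "\n".join([
    _sample_line(1, "web-prod"),
    _sample_line(2, "db-prod"),
    _sample_line(1, "web-prod (copy in Archive group)"),
])

if __name__ == "__main__":
    for fp, names in find_duplicates(SAMPLE).items():
        print(fp, "is stored", len(names), "times:", names)
```

The number of keys in `group_by_fingerprint` is the count of distinct keys, which is the figure to compare against what the agent reports as loaded.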