WinCrypt not working anymore as pageant

brain246 commented 1 year ago

Hello there,

I have been (and am still) using the combination of KeePass, KeeAgent (client mode) and WinCrypt for storing and serving any ssh keys for a while now. The reason for using Wincrypt as pageant was because it has good compatibility with WSL2.

After getting a new notebook and reinstalling everything however, i am getting this error message when trying to add ssh keys: (just removed the entry name in line 2)

It works fine if i am using Putty's pageant though, so this might entirely be an issue with Wincrypt as well. I downgraded KeeAgent and WinCrypt to the exactly same versions as i am using them on the other machine, the issue remains though.

Any ideas on how to approach this any further?

The full error message:

See the end of this message for details on invoking 
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.Exception: send message failed
   at dlech.SshAgentLib.PageantClient.SendMessage(Byte[] aMessage)
   at dlech.SshAgentLib.AgentClient.SendMessage(BlobBuilder builder)
   at dlech.SshAgentLib.AgentClient.SendMessageAndCheckSuccess(BlobBuilder aBuilder)
   at dlech.SshAgentLib.AgentClient.AddKey(ISshKey key, IEnumerable`1 constraints, DestinationConstraint destinationConstraint)
   at KeeAgent.KeeAgentExt.AddEntry(PwEntry entry, ICollection`1 constraints)
   at KeeAgent.KeeAgentExt.GroupContextMenuLoadKeysMenuItem_Click(Object sender, EventArgs e)
   at System.Windows.Forms.ToolStripItem.RaiseEvent(Object key, EventArgs e)
   at System.Windows.Forms.ToolStripMenuItem.OnClick(EventArgs e)
   at System.Windows.Forms.ToolStripItem.HandleClick(EventArgs e)
   at System.Windows.Forms.ToolStripMenuItem.ProcessCmdKey(Message& m, Keys keyData)
   at System.Windows.Forms.ToolStripManager.ProcessShortcut(Message& m, Keys shortcut)
   at System.Windows.Forms.Form.ProcessCmdKey(Message& msg, Keys keyData)
   at KeePass.Forms.MainForm.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.ContainerControl.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.ContainerControl.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.ProcessCmdKey(Message& msg, Keys keyData)
   at System.Windows.Forms.Control.PreProcessMessage(Message& msg)
   at System.Windows.Forms.Control.PreProcessControlMessageInternal(Control target, Message& msg)
   at System.Windows.Forms.Application.ThreadContext.PreTranslateMessage(MSG& msg)

************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4614.0 built by: NET48REL1LAST_B
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll
----------------------------------------
KeePass
    Assembly Version: 2.53.1.20815
    Win32 Version: 2.53.1.0
    CodeBase: file:///C:/Program%20Files/KeePass%20Password%20Safe%202/KeePass.exe
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4605.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4550.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4395.0 built by: NET48REL1LAST_B
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Configuration
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4341.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4605.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System.Xml
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
CrowdStrike.Sensor.ScriptControl
    Assembly Version: 6.52.16606.0
    Win32 Version: 6.52.16606.0
    CodeBase: file:///C:/WINDOWS/System32/CrowdStrike.Sensor.ScriptControl16606.dll
----------------------------------------
Accessibility
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Accessibility/v4.0_4.0.0.0__b03f5f7f11d50a3a/Accessibility.dll
----------------------------------------
KeeAgent
    Assembly Version: 0.13.5.0
    Win32 Version: 0.13.5.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/aDOWkAWKzfj8cKiub4Rm/KeeAgent.dll
----------------------------------------
SshAgentLib
    Assembly Version: 0.9.4.0
    Win32 Version: 0.9.4.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/aDOWkAWKzfj8cKiub4Rm/SshAgentLib.DLL
----------------------------------------
SshAgentLib.WinForms
    Assembly Version: 0.9.2.0
    Win32 Version: 0.9.2.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/aDOWkAWKzfj8cKiub4Rm/SshAgentLib.WinForms.DLL
----------------------------------------
KoenZomersKeePassOneDriveSync
    Assembly Version: 2.1.2.2
    Win32 Version: 2.1.2.2
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/eatQoEXZW3HOMKiVzHA1/KoenZomersKeePassOneDriveSync.dll
----------------------------------------
Newtonsoft.Json
    Assembly Version: 8.0.0.0
    Win32 Version: 8.0.1.19229
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/eatQoEXZW3HOMKiVzHA1/Newtonsoft.Json.DLL
----------------------------------------
System.Numerics
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Numerics/v4.0_4.0.0.0__b77a5c561934e089/System.Numerics.dll
----------------------------------------
System.Runtime.Serialization
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4536.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Serialization/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Serialization.dll
----------------------------------------
System.Xml.Linq
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml.Linq/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.Linq.dll
----------------------------------------
System.Data
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4584.0 built by: NET48REL1LAST_B
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_64/System.Data/v4.0_4.0.0.0__b77a5c561934e089/System.Data.dll
----------------------------------------
KeePassOTP
    Assembly Version: 1.6.4.0
    Win32 Version: 1.6.4
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/FvA5wgn7ddDf1jUVLE3Q/KeePassOTP.dll
----------------------------------------
KeePassRPC
    Assembly Version: 2.0.34.26750
    Win32 Version: 1.14.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/ablwE9eTT6KMhu2L7xgG/KeePassRPC.dll
----------------------------------------
Fleck2
    Assembly Version: 1.0.0.0
    Win32 Version: 1.0.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/ablwE9eTT6KMhu2L7xgG/Fleck2.DLL
----------------------------------------
DomainPublicSuffix
    Assembly Version: 2.0.1.0
    Win32 Version: 2.0.1.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/ablwE9eTT6KMhu2L7xgG/DomainPublicSuffix.DLL
----------------------------------------
Jayrock
    Assembly Version: 0.9.12915.0
    Win32 Version: 0.9.11214.1056
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/ablwE9eTT6KMhu2L7xgG/Jayrock.DLL
----------------------------------------
KeeTheme
    Assembly Version: 0.10.2.0
    Win32 Version: 0.10.2.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/IUoeHKY54h8J5mhcAZ7Z/KeeTheme.dll
----------------------------------------
KPSyncForDrive
    Assembly Version: 4.1.0.0
    Win32 Version: 4.1.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/KPSyncForDrive.dll
----------------------------------------
Google.Apis.Drive.v3
    Assembly Version: 1.51.0.2265
    Win32 Version: 1.51.0.2265
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Google.Apis.Drive.v3.DLL
----------------------------------------
Serilog
    Assembly Version: 2.0.0.0
    Win32 Version: 2.10.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Serilog.DLL
----------------------------------------
Serilog.Sinks.File
    Assembly Version: 2.0.0.0
    Win32 Version: 4.1.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Serilog.Sinks.File.DLL
----------------------------------------
Google.Apis.Core
    Assembly Version: 1.51.0.0
    Win32 Version: 1.51.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Google.Apis.Core.DLL
----------------------------------------
System.Security
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4341.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Security/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Security.dll
----------------------------------------
Newtonsoft.Json
    Assembly Version: 12.0.0.0
    Win32 Version: 12.0.3.23909
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Newtonsoft.Json.DLL
----------------------------------------
KeePass.XmlSerializers
    Assembly Version: 2.53.1.20815
    Win32 Version: 2.53.1.20815
    CodeBase: file:///C:/Program%20Files/KeePass%20Password%20Safe%202/KeePass.XmlSerializers.DLL
----------------------------------------
System.Data.SqlXml
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Data.SqlXml/v4.0_4.0.0.0__b77a5c561934e089/System.Data.SqlXml.dll
----------------------------------------
BouncyCastle.Crypto
    Assembly Version: 1.9.0.0
    Win32 Version: 1.9.0.1
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/aDOWkAWKzfj8cKiub4Rm/BouncyCastle.Crypto.DLL
----------------------------------------
WindowsBase
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4605.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/WindowsBase/v4.0_4.0.0.0__31bf3856ad364e35/WindowsBase.dll
----------------------------------------
Microsoft.IdentityModel.Extensions
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.1459.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/eatQoEXZW3HOMKiVzHA1/Microsoft.IdentityModel.Extensions.DLL
----------------------------------------
System.IdentityModel
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4536.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.IdentityModel/v4.0_4.0.0.0__b77a5c561934e089/System.IdentityModel.dll
----------------------------------------
System.Net.Http
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Net.Http/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Net.Http.dll
----------------------------------------
KoenZomers.OneDrive.Api
    Assembly Version: 2.3.0.3
    Win32 Version: 2.3.0.3
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/eatQoEXZW3HOMKiVzHA1/KoenZomers.OneDrive.Api.DLL
----------------------------------------
System.ServiceModel.Internals
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4536.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.ServiceModel.Internals/v4.0_4.0.0.0__31bf3856ad364e35/System.ServiceModel.Internals.dll
----------------------------------------
System.Transactions
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_64/System.Transactions/v4.0_4.0.0.0__b77a5c561934e089/System.Transactions.dll
----------------------------------------
protobuf-net
    Assembly Version: 2.4.0.0
    Win32 Version: 2.4.6.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/FvA5wgn7ddDf1jUVLE3Q/protobuf-net.DLL
----------------------------------------
Jayrock.Json
    Assembly Version: 0.9.12915.0
    Win32 Version: 0.9.13422.2206
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/ablwE9eTT6KMhu2L7xgG/Jayrock.Json.DLL
----------------------------------------
KPSyncWindows
    Assembly Version: 4.1.0.0
    Win32 Version: 4.1.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/KPSyncWindows.DLL
----------------------------------------
Google.Apis.Auth
    Assembly Version: 1.51.0.0
    Win32 Version: 1.51.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Google.Apis.Auth.DLL
----------------------------------------
Google.Apis
    Assembly Version: 1.51.0.0
    Win32 Version: 1.51.0.0
    CodeBase: file:///C:/Users/ttotter/AppData/Local/KeePass/PluginCache/B7T69YAYCBwet12xE8yd/Google.Apis.DLL
----------------------------------------
Microsoft.GeneratedCode
    Assembly Version: 1.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
System.Web
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4494.0 built by: NET48REL1LAST_B
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_64/System.Web/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Web.dll
----------------------------------------
Microsoft.GeneratedCode
    Assembly Version: 1.0.0.0
    Win32 Version: 4.8.4161.0 built by: NET48REL1
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------

************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.

For example:

<configuration>
    <system.windows.forms jitDebugging="true" />
</configuration>

When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.

brain246 commented 1 year ago

I fixed the issue myself or more like found a workaround: After starting KeePass/KeeAgent with admninistrator privileges everything works again.

dlech commented 1 year ago

Since you are using client mode, I don't think there is anything we can do in KeeAgent. I'm guessing you are running Pagent as an admin?

brain246 commented 1 year ago

Since you are using client mode, I don't think there is anything we can do in KeeAgent. I'm guessing you are running Pagent as an admin?

That's the odd thing: I am not running the pageant as admin. But the company policies and the way they handle local admin privileges (my user isn't admin per se anymore, but can request admin privileges for certain actions/processes) seems to make a difference here. But it is working now, so you can close this issue, maybe it is of some help for others in the future though.

Thanks for the fast response and have a nice day (or evening wherever you are) :)

brain246 commented 1 year ago

Just wanted to add something here: In fact i was running WinCryptAgent with admin privileges (that was set in the exe properties -> advanced, i somehow had forgotten that). The issue was however, that when not running it with admin rights, KeeAgent wasn't able to add the keys to the agent (same thing happened by the way with putty/pageant).

In the end i ended up using KeeAgent in Agent mode (with OpenSSH enabled) and the WSL2 part i solved with npiperelay.exe and wsl-ssh-agent-relay as described here.

That works now in any Windows Shell, WSL2 (Bash and Fish) and also in Git-Bash (Git for Windows).

dlech / KeeAgent

WinCrypt not working anymore as pageant #385