Closed selfagency closed 4 years ago
Thanks for reporting, that's strange behavior. When you re-enable the proxycommand does it still keep working?
no
here's my current config
Host *
IdentityAgent ~/.kr/krd-agent.sock
#ProxyCommand /usr/local/bin/krssh %h %p
AddKeysToAgent yes
ForwardAgent yes
IdentityFile ~/.ssh/id_krypton
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_ecdsa
IdentityFile ~/.ssh/id_dsa
Thanks.
Can you share the output of ssh me.krypt.co -vvv
?
OpenSSH_7.9p1, OpenSSL 1.0.2p 14 Aug 2018
debug1: Reading configuration data /Users/daniel/.ssh/config
debug1: /Users/daniel/.ssh/config line 3: Applying options for *
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug1: Executing proxy command: exec /usr/local/bin/krssh me.krypt.co 22
debug1: identity file /Users/daniel/.ssh/id_krypton type 3
debug1: identity file /Users/daniel/.ssh/id_krypton-cert type -1
debug1: identity file /Users/daniel/.ssh/id_ed25519 type -1
debug1: identity file /Users/daniel/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/daniel/.ssh/id_rsa type 0
debug1: identity file /Users/daniel/.ssh/id_rsa-cert type -1
debug1: identity file /Users/daniel/.ssh/id_ecdsa type -1
debug1: identity file /Users/daniel/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/daniel/.ssh/id_dsa type -1
debug1: identity file /Users/daniel/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: ssh_exchange_identification:
debug1: ssh_exchange_identification: \033[?25l\033[?7l\033[0m\033[31m\033[1m
debug1: ssh_exchange_identification: \033[?25h\033[?7hSSH-2.0-Go
debug1: ssh_exchange_identification:
ssh_exchange_identification: Connection closed by remote host
FYI, I upgraded kr
on my MacBook Pro, which rewrote my ssh config, and now the same thing is happening as above.
Apologies for the delayed followup on this -- what does kr me
output? Also what shell are you using?
kr me
gives me my public key. i'm using fish, but i get the same behavior in bash.
(and yes, this is still happening with version 2.4.13)
Ok thank you for reporting back -- does toggling either of
AddKeysToAgent yes
ForwardAgent yes
in your ssh config change the behavior?
nope, no change
oooh look
➜ krssh
panic: runtime error: index out of range
goroutine 1 [running]:
main.main()
/private/tmp/kr-20181207-5954-tidgpv/src/github.com/kryptco/kr/krssh/krssh.go:259 +0xc0b
same thing happens if i completely uninstall and reinstall the package, whether with homebrew or the bash script.
if i run krssh -h mydomain.com -p 22
it just freezes like it does when i have the proxy command thing enabled in the config.
here are some log traces
Dec 12 16:35:32 selfagency-macpro krssh[12078]: 16:35:32.224 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:35:43 selfagency-macpro krssh[12392]: 16:35:43.328 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:35:55 selfagency-macpro krssh[12708]: 16:35:55.683 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:40:27 selfagency-macpro krd[566]: 16:40:27.705 NOTICE ▶ stopping with signal terminated
Dec 12 16:40:27 selfagency-macpro krd[18047]: 16:40:27.980 NOTICE ▶ krd launched and listening on UNIX socket
Dec 12 16:41:01 selfagency-macpro krssh[18493]: 16:41:01.479 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:41:32 selfagency-macpro krd[18047]: 16:41:32.395 WARNIN ▶ no hostname found for session
Dec 12 16:41:33 selfagency-macpro krd[18047]: 16:41:33.088 NOTICE ▶ response took 567 ms
Dec 12 16:41:33 selfagency-macpro krd[18047]: 16:41:33.088 NOTICE ▶ sign response: &{Signature:0xc00000c6c0 Error:<nil>}
Dec 12 16:41:33 selfagency-macpro krd[18047]: 16:41:33.212 NOTICE ▶ Using Public Key Signature Digest Algorithm: ssh-ed25519
Dec 12 16:43:02 selfagency-macpro krssh[20589]: 16:43:02.739 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:43:43 selfagency-macpro krssh[21774]: 16:43:43.326 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:43:59 selfagency-macpro krssh[22348]: 16:43:59.437 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:46:51 selfagency-macpro krssh[23713]: 16:46:51.242 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:49:50 selfagency-macpro krssh[23990]: 16:49:50.606 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:50:38 selfagency-macpro krssh[24101]: 16:50:38.541 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:50:54 selfagency-macpro krd[18047]: 16:50:54.803 WARNIN ▶ no hostname found for session
Dec 12 16:50:55 selfagency-macpro krd[18047]: 16:50:55.324 NOTICE ▶ response took 396 ms
Dec 12 16:50:55 selfagency-macpro krd[18047]: 16:50:55.324 NOTICE ▶ sign response: &{Signature:0xc0004af000 Error:<nil>}
Dec 12 16:50:55 selfagency-macpro krd[18047]: 16:50:55.445 NOTICE ▶ Using Public Key Signature Digest Algorithm: ssh-ed25519
Dec 12 16:51:01 selfagency-macpro krssh[24520]: 16:51:01.350 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:54:10 selfagency-macpro krd[18047]: 16:54:10.319 WARNIN ▶ no hostname found for session
Dec 12 16:54:10 selfagency-macpro krd[18047]: 16:54:10.750 NOTICE ▶ response took 305 ms
Dec 12 16:54:10 selfagency-macpro krd[18047]: 16:54:10.750 NOTICE ▶ sign response: &{Signature:0xc0004a8f60 Error:<nil>}
Dec 12 16:54:10 selfagency-macpro krd[18047]: 16:54:10.875 NOTICE ▶ Using Public Key Signature Digest Algorithm: ssh-ed25519
Dec 12 16:54:19 selfagency-macpro krssh[24807]: 16:54:19.046 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:54:32 selfagency-macpro krssh[24918]: 16:54:32.023 NOTICE ▶ Checked for update recently, falling back to latest version cache.
Dec 12 16:55:00 selfagency-macpro krssh[25019]: 16:55:00.159 NOTICE ▶ Checked for update recently, falling back to latest version cache.
the logs in my ~/.kr
folder are all empty
The panic is just because krssh is expecting args, and the hang is because it is expecting input on stdin to forward to the server.
Could you post (or send to support@krypt.co) any non-sensitive env vars you have set? (Printed with the env
command)
Hmm nothing stands out there. Are you using a proxy by any chance?
Also I misspoke on the previous comment. The reason krssh isn't printing anything is because it should be invoked with arguments instead of flags -- running krssh me.krypt.co 22
should print SSH-2.0-Go
i am not using a proxy, no. i use dns over https, but that's it.
Oh and
➜ krssh me.krypt.co 22
SSH-2.0-Go
have you really not gotten this complaint from any other mojave user? because it's just plain odd that it would affect two of my computers and no one else's.
hey, just wanted to ping this as it's still an issue.
not helpful, but i'm on mojave and everything works out of the box for me 10.14.5 Beta (18F108f)
Yeah I dunno, I formatted my desktop HD and installed Mac OS from scratch and I have the same problem as on my laptop HD that I upgraded from High Sierra.
This is also happening on MacOS Catalina.
I am having this issue, still, in Catalina as well. What's interesting is that it seems to work until you reboot, and then you need to comment out the Proxy Command again.
I have a brand new Macbook Pro running Catalina and am still having this same problem
kex_exchange_identification: banner line contains invalid characters
Waaaaaaaaait I just figured it out.
I ran ssh me.krypt.co -vvv
again and it's working after I disabled a command, neofetch
, that I had running when I opened a new shell.
Ok, so this is weird:
On my Macbook Pro, I upgraded from High Sierra to Mojave. It still has the PKCS11 identity agent in my
~/.ssh/config
file and the/usr/local/bin/krssh
proxy command. And it works fine.However, on my Mac Pro desktop, I installed Mojave fresh and reinstalled all of my apps, including
kr
. And for some reason, I couldn't connect to any of my servers over SSH. I tried mimicking the configuration from my laptop and was unsuccessful. What did work, however, was disabling the proxy command. Once I commented outProxyCommand
etc., I was able to use SSH again and my computer was able to communicate with my phone to retrieve my private key.So uh... Huh?