Forums

SSH ask for password instead of using key passphrase ?

I'm using Windows10 to ssh into ssh.pythonanywhere.com. I have generated public/private keys, added the public to authorized_keys. I then ssh using -i option:

ssh -i .ssh\mykey ihave9fishes@ssh.pythonanywhere.com

it worked and it asked for my passphrase. But when I add it to my agent, using

ssh-add .ssh\mykey

it asked for the password instead of using public key authorization. It also output warning:

agent returned different signature type ssh-rsa (expected rsa-sha2-512)

What am I doing wrong ? Is it because I'm using custom path when generate key?

Here's the whole process:

Generate key: ssh-keygen -t rsa -b 4096 , then I provided path and passphrase. I copied public key to the server, since windows doesn't have the ssh-copy-id command, I use this command instead:

type .ssh\mykey.pub | ssh %login% "cat >> ~/.ssh/authorized_keys"

("login" is the ssh credentials as env var) then I provided the password when it asked, the command seems worked when I check the authorized_keys in the server. Then I ssh into the server using the private/public key, by passing -i options like above, it worked and asked for the key's passphrase. I then add the key to my agent, so I wouldn't have to pass the -i option everytime:

ssh-add .ssh/mykey

I then check with:

ssh-add -l

and it seems like it worked. But when I ssh into the server

ssh %login%

it asked for my password instead.

Speaking from a linux user's perspective, the ssh command checks for the ssh key in a default location.

ie. if you do ssh ihave9fishes@ssh.pythonanywhere.com

then ssh would check to see if there is a ~/.ssh/id_rsa file, and if it exists, it will use that, and if it doesn't it will ask for password.

This has nothing to do with ssh-add. ie. ssh-add makes it so you don't need to type your password after you have already put in the password to the ssh-add agent.

I'm guessing your windows ssh is similar. So generally people would just save their main key as the default file name so you don't need to specify which key it is every single time.

TLDR: change your public and private key pairs' file name to the default file names

FIGURED IT OUT

Turns out I was using an old OpenSSH version on Windows, the ssh-agent wasn't working properly. The problem was describe in this github issue. Updated to newer version, re-generated key and it's working fine.

Glad to see that you made it work!