-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
putty freezes when authenticating #32
Comments
Thanks for the detailed report, apologies for the slow response. I have some ideas but its stabbing in the dark. Could you run I'm realizing the lack of verbose logging is a glaring hole in, so I'm writing some code to add verbose logging, hopefully I'll get it out before you see this reply. |
thanks for getting back to me! sadly with the recent Windows 11 update things got even worse. now i'm getting this pop-up, in which i cannot click on any of choices if i'm using putty combined with winssh-pageant. logging in via openssh's ssh works fine [ well.. now i have an extra click in the popup, but the click is possible at least ]. winssh-pageant shows "Timeout waiting for user input \.\pipe\openssh-ssh-agent: i/o timeout" thx! |
That info did help, I've added a lot of debug logging to this in a new branch If you want to build it yourself. here's a built binary, extract it and run it with winssh-pageant-verbose-logging.zip Thanks. |
thanks a lot! i've:
sadly there's no output on the console and with 2nd or 3rd use of putty i'm getting this: after ~60s followed by this: there are no logs in the cmd where i've started winssh-pageant.exe --verbose as before - ssh client from https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.4.0.0p1-Beta - works fine with ssh-agent and yubikey that i'm trying to use with putty and winssh-pagent. thank you! |
I can confirm this is the case with WinSCP as well, it is rather slow before you can use the Windows dialogue for selecting the security key. I am also using Win11 and OpenSSH_for_Windows_9.4p1, LibreSSL 3.7.3. It only happens via pageant access, cannot identify any slowdown when using windows terminal for SSH connections. BTW: Very helpful piece of software 👍😊 |
Thanks for trying that build @pakud but something went wrong with the This is what the startup should look like: PS H:\Home\code\winssh-pageant> go run ./ --verbose
2023-12-27 13:40:53 INF Starting winssh-pageant
2023-12-27 13:40:53 INF Pageant pipe proxy started
2023-12-27 13:40:53 DBG Locked OS Thread
2023-12-27 13:40:53 DBG Allocated global memory for message data, Starting message loop How to run
|
thanks a lot for detailed instruction @ndbeals and looking into it! i've followed it and was able to connect ~2-4 times by running putty.exe user@hostname and then closing putty. but this time touching the yubikey token to confirm sign it did not make the standard popup [which shows with every FIDO2-based ssh authentication] go away and putty froze. exact output from the console:
log from another case where login failed on the first attempt after starting winssh-pageant:
verbose log, also from the ssh-agent, could help here. [ https://github.com/PowerShell/Win32-OpenSSH/issues/2137 ]. also - i'm using the latest available version of ssh-agent from https://github.com/PowerShell/Win32-OpenSSH/releases, right now it's v9.5.0.0p1-Beta. as before - when using ssh user@host from cmd and the same project, no matter how may times i try - it works without hiccups. |
Thanks for getting back to me, these logs were very helpful. I've ordered my own Yubikey 5 to test this. The logs you've posted show an |
@ndbeals - thanks! i'm happy to test in the next iterations. once you get hold of the yubikey or other FIDO2-compatible hardware token you can: run ssh-keygen -t ecdsa-sk -C "my-yubikey" -f .ssh/privatekey-id_ecdsa_sk to generate a pair of SSH keys [ or rather handles, since part of private key will reside on the token ]. some devices dont support scdsa-sk, you can replace it with more widely available ed25519-sk. than handle privatekey-id_ecdsa_sk.pub like usual public key - add it to .ssh/authorized_keys and on widows run .ssh/privatekey-id_ecdsa_sk |
i've run into an issue where putty frequently, although not always, freezes when i'm trying to log into linux servers using winssh-pageant and openssh with ecdsa-sk key backed by Yubikey 5 acting as FIDO2 token.
i'm worndering if you have any suggestions how to find the root cause of it, enable more verbosity in different elements of this stack.
this is what happens oftentimes when i'm trying to log in via putty which uses winssh-pageant - putty window freezes with 'Not responding' in its title bar:
and after ~20s i get below, but it's too late for key touching - login via that method already failed:
versions:
when i've found out:
thank you in advance for your suggestions and thank you for winssh-pagent!
The text was updated successfully, but these errors were encountered: