Manual

  2. Home
  4. Docs
  6. Manual
  8. key management
  10. Internal identity files

Internal identity files

Internal identity files, which is the key created or imported by WoTerm itself.

When connecting in a session, the internal key will prioritize authentication.

After exporting the key, you may encounter issues with key usage, such as reporting the following error:

sign_and_send_pubkey: signing failed: agent refused operation

Please execute the following command [ssh add], which will add the certificate to the ssh agent.

[abc@centos ~]$ ssh-add
Identity added: /home/abc/.ssh/id_rsa (/home/abc/.ssh/id_rsa)   #Identity added,mean add successfuly。
Could not add identity "/home/abc/.ssh/id_ed25519": communication with agent failed    #failed to add.
[abc@centos~]$ ssh-add -l
1024 SHA256:f9ZbXwPYnRGEgT2ae/KWAvbRC+x5CewRG5y/4lorwH8 /home/abc/.ssh/id_rsa (RSA)


abc@ubuntu:~$ ssh-add
Identity added: /home/abc/.ssh/id_rsa (/home/abc/.ssh/id_rsa)
Identity added: /home/abc/.ssh/id_ed25519 (abc@ubuntu)

abc@ubuntu:~$ ssh-add -l
1024 SHA256:nY2crYq2fJyLjurXgMx6qDiolqnKw7Q8xf1cdoxJIMo /home/abc/.ssh/id_rsa (RSA)
256 SHA256:9jVcazsPfk8O+Ca2G4DBsjd6dQTMS36rIgwBY60njk8 abc@ubuntu (ED25519)

Sometimes, if the same error is still reported after configuring according to the above method, it may be affected by the ssh agent of gnome keyring and should be checked as follows:

[abc@centos ~]$ echo ${SSH_AUTH_SOCK}
/run/user/1000/keyring/ssh     #The gnome-keyring-ssh-agent contain keyring keyword, while the openssh-ssh-agent are start with /tmp/*

To eliminate the impact of gnome ssh-agent, there are two methods available.

The first method is to add the following code at the end of the ~/. bashrc file to permanently solve the problem.

export SSH_AUTH_SOCK=0     #This can permanently block the SOCK of gnome key_ Auth_ SOCK interference, execute ssh at this time xxx@yyy.com When, you can successfully log in.

The second method is to add the following code at the end of the ~/. bashrc file, which can also permanently solve the problem.

eval "$(ssh-agent -s)" >> /dev/null
ssh-add >> /dev/null

I personally recommend using the first method because when SSH logs in remotely, it will first access the ssh agent and then traverse the current user’s .ssh path to attempt login. Although the ssh-agent is no longer effective, the .ssh path can take effect.
In addition, the second method will cause a new ssh agent object to be created every time a terminal is started, which is not a friendly method.