Forum

Starting authentica...
 
Notifications
Clear all

Starting authentication agent... FAIL

0 Posts
2 Users
0 Reactions
257 Views
(@NightShade1)
New Member
Joined: 13 years ago
Posts: 1
Topic starter  

Hello im connecting to a switch and im getting that fail on the authentication agent... i have connected to other brands and equipment and everything is okay but in this alcatel switches im getting that error

What does this mean?
and how can i fix it ?

I noticed that when im connecting on algorithm its using ssh-dss i dont see dss on the list of algorithms on the options could that be the problem?


   
ReplyQuote
(@bpence)
Member Admin
Joined: 1 year ago
Posts: 1375
 

The authentication agent protocol is a way to forward public-key authentication requests back to the client, regardless of how many systems you may have to traverse through..

For example, if you use public-key auth to authenticate from your PC to server 'A', you do so by verifying your identity using a private key stored locally on your PC. If you then want to ssh from server A to server B, you have two options:

1. Use a private key on server 'A' to prove your identity to server 'B'. You can do this by either creating another key pair for this purpose or copying your private key to the server, which I would discourage.
2. Forward the authentication request from server 'B' all the way back to your PC to be completed with the private key stored locally. This is the job of the authentication agent.

Because the security of public-key authentication absolutely relies on being able to keep the private key private, keeping it as close to you as possible is always preferred.

The authentication agent is handy for file-based keys, because it allows you to manage one set of keys locally without copying them around. Authentication agent is absolutely essential for hardware token-based keys where the key *can't* be copied, moved, shared, stolen, etc... All auth requests come back to the PC and get authenticated using the token.

If the authentication agent fails to start, you'll get notified at login time. All this usually means is that the server you are connecting to either doesn't support the authentication agent protocol or it has been disabled. You can safely ignore this failure if you're not planning to ssh to additional servers. If you want to get rid of the message altogether, you can disable the authentication agent on Options->Properties->Connection->SSH2->Forwarding. Uncheck the "enable authentication agent forwarding" option.


   
ReplyQuote
Share: