«
»

ERROR: SSH agent has too many keys

Unfortunately, SSH doesn’t produce this error, although it darn well should…

I just had a Github customer report that they couldn’t access their repos via SSH, despite it all working properly yesterday, and “not having changed anything”. A bit of debug logging and an inspired leap of intuition on the part of another sysadmin in the office, and the answer was quickly found.

First off, the symptoms:

  • Debug logging showed that the user was connecting successfully, presenting six SSH keys (none of which were the key of interest) before disconnecting;
  • The SSH key was in the user’s SSH agent (you can verify this with a quick ssh-add -l);
  • There were more than six keys in the SSH agent

This last symptom is the key point. As an anti-brute-force measure (I assume), SSH won’t allow a user to connect and present more than MaxAuthTries credentials (whether they be passwords or keys) before being forcibly disconnected. The default value for this parameter (if you haven’t realised already) is six.

Whilst this makes a lot of sense for passwords (and a lesser, but still valid, measure for keys) it does mean that you effectively have a hard limit of six keys in your agent simultaneously (at least without using SSH configs to specify a single key to present to the server). Any more than six keys, and you run the very real risk that the key you need to give to a particular server will be number seven in your agent, and all your authentications will fail miserably.

Bumping the value of MaxAuthTries to a much larger value works fine for Github — password auth is disabled, and if you can manage to brute force a key you’re welcome to what you can get — but you certainly can’t rely on inflating MaxAuthTries everywhere to get you out of trouble, so: keep those SSH agents lean, or at least specify IdentityFile for all your servers.

Tags: , ,

This entry was posted by matt on Wednesday, December 23rd, 2009 at 10:17 am and is filed under WTF. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

68 Responses to “ERROR: SSH agent has too many keys”

  1. valtrex and trying to conceive Says:
    August 31st, 2010 at 7:14 am

    valtrex and tinnitus…

    ranbaxy labs valtrex…

  2. valtrex coupon code Says:
    August 31st, 2010 at 7:18 am

    buy valtrex cheap…

    valtrex for canker sores…

  3. skin breakout while taking valtrex Says:
    August 31st, 2010 at 7:21 am

    valtrex medication side effects…

    generic valtrex side effects…

  4. live at soma Says:
    August 31st, 2010 at 7:23 am

    soma lawsuits texas…

    low price soma…

  5. tramadol buy in florida online Says:
    August 31st, 2010 at 7:26 am

    drug tramadol price list…

    drug tramadol price list…

  6. slot gratis Says:
    August 31st, 2010 at 7:29 am

    slot gratis…

    forum, viploungecasino…

  7. casino en ligne legal en france Says:
    August 31st, 2010 at 7:31 am

    new online casinos no dep free chips us welcome…

    latestcasinobonus blog…

  8. is valtrex safe to take while pregnant Says:
    August 31st, 2010 at 7:34 am

    valtrex 500 mg cold sores…

    valtrex and periods…

  9. valtrex and swine flu Says:
    August 31st, 2010 at 7:37 am

    valtrex costs…

    valtrex early pregnancy…

  10. valtrex indications Says:
    August 31st, 2010 at 7:39 am

    valtrex suppressive treatment…

    valtrex dosages…

  11. soma with no prescription overnight shipping Says:
    August 31st, 2010 at 7:42 am

    soma drug interaction…

    soma for women patch…

  12. free poker no sign up Says:
    August 31st, 2010 at 7:44 am

    poker $5 deposit…

    new bonus codes online casino…

  13. link myblogde online order soma Says:
    August 31st, 2010 at 7:47 am

    prescription medication soma…

    order soma without rx…

  14. casino gambling internet online uk Says:
    August 31st, 2010 at 7:50 am

    online casino startguthaben ohne einzahlung…

    free money sign up bonus…

  15. cashable no deposit bonus Says:
    August 31st, 2010 at 7:52 am

    cool cat casino no deposit…

    new players only…

  16. foxwood promotion code Says:
    August 31st, 2010 at 7:55 am

    casino en ligne tranchant…

    casino en ligne tranchant…

  17. casino online italiano Says:
    August 31st, 2010 at 7:57 am

    free online casino gambling…

    casino online italiano…

  18. viagra russian band Says:
    August 31st, 2010 at 8:00 am

    buy viagra pill in england…

    woman and mens viagra…

  19. viagra patent expiration Says:
    August 31st, 2010 at 8:02 am

    viagra dose for pulmonary hypertension…

    viagra contraindicated…

  20. game downlods Says:
    August 31st, 2010 at 8:05 am

    casino job las vegas…

    jackpot capital free deposit coupons…

  21. cashable casino chip no deposit Says:
    August 31st, 2010 at 8:07 am

    sheraton at the belle of baton rouge casino…

    super jackpot party free online slots…

  22. soma enterprise products Says:
    August 31st, 2010 at 8:10 am

    soma enterprise products…

    soma substitutes…

  23. bodog redeem code Says:
    August 31st, 2010 at 8:13 am

    foxwoods casino employment…

    no dep pokies…

  24. i want a soma prescription Says:
    August 31st, 2010 at 8:16 am

    us soma without prescription…

    buy soma without…

  25. online casino free play Says:
    August 31st, 2010 at 8:18 am

    bodog redeem coupon…

    deposite…

  26. free slot tournaments for us players Says:
    August 31st, 2010 at 8:21 am

    play jackpot party slot game…

    new no deposit codes…

  27. harrah's casino rincon Says:
    August 31st, 2010 at 8:23 am

    casino en ligne gratuit sans telechargement…

    casino online no download…

  28. valtrex when generic Says:
    August 31st, 2010 at 8:26 am

    how to get valtrex without a prescription…

    valtrex and constipation…

  29. does tramadol show on drug test Says:
    August 31st, 2010 at 8:28 am

    tramadol priority overnight…

    tramadol with money order…

  30. casino online mit startguthaben Says:
    August 31st, 2010 at 8:31 am

    casino en ligne retrait…

    slims casino…

  31. tramadol prescription online saturday delivery Says:
    August 31st, 2010 at 8:34 am

    buy liquid tramadol…

    tramadol renal function…

  32. why is tramadol considered addictive Says:
    August 31st, 2010 at 8:36 am

    buy cheap tramadol overnight only…

    lyrica and tramadol…

  33. new tramadol ultram Says:
    August 31st, 2010 at 8:39 am

    tramadol hydrochloride and abuse…

    tramadol and vicodin taken together…

  34. free play 1 hour casino Says:
    August 31st, 2010 at 8:42 am

    clearwater casino washington state…

    video slots mega jack…

  35. online casino free games Says:
    August 31st, 2010 at 8:44 am

    10.00 minimum deposit for us players…

    no deposit bonus code planet 7…

  36. coupon mystic lake casino buffet Says:
    August 31st, 2010 at 8:47 am

    custom casino poker chip…

    online slots bounus cash no downloads…

  37. casino online quebec Says:
    August 31st, 2010 at 8:49 am

    casino online quebec…

    casino online quebec…

  38. tramadol paying by echeck Says:
    August 31st, 2010 at 8:52 am

    tramadol dosage in dogs…

    codeine and tramadol…

  39. online casino roulette strategie Says:
    August 31st, 2010 at 8:54 am

    jack pot party games…

    jack pot party games…

  40. mystic lake casino jobs Says:
    September 3rd, 2010 at 7:39 am

    golden moon casino…

    no deposit bonus codes for casino…

  41. viagra free pills Says:
    September 3rd, 2010 at 7:43 am

    walmart pharmacy viagra…

    viagra offers…

  42. valtrex autism side effects Says:
    September 3rd, 2010 at 7:46 am

    valtrex dosage and pregnancy…

    valtrex discount coupons…

  43. valtrex news Says:
    September 3rd, 2010 at 7:49 am

    valtrex in children…

    valtrex in children…

  44. valtrex safety Says:
    September 3rd, 2010 at 7:51 am

    valtrex autism side effects…

    valtrex cold sores treatment…

  45. inet casino bonus codes Says:
    September 3rd, 2010 at 7:54 am

    golden nugget vip…

    casinos free money…

  46. soma tab Says:
    September 3rd, 2010 at 7:57 am

    soma vs flexeril…

    chewable soma…

  47. no deposit codes casino Says:
    September 3rd, 2010 at 7:59 am

    april no deposite casino codes…

    pokersite startmoney…

  48. safety of valtrex during pregnancy Says:
    September 3rd, 2010 at 8:02 am

    valtrex walmart…

    valtrex generic online…

  49. nodeposit casino bonus Says:
    September 3rd, 2010 at 8:05 am

    deposit internet casino…

    deposit internet casino…

  50. play jack pot party slot free Says:
    September 3rd, 2010 at 8:08 am

    what are bingovega promo codes…

    casino online supermarché…

  51. viagra jacket mark martin Says:
    September 3rd, 2010 at 8:10 am

    file viewtopic t 71 viagra…

    thailand viagra for woman…

  52. laughlin nev webcam at the avi casino Says:
    September 3rd, 2010 at 8:13 am

    online casino vertrauenswürdig…

    casino no deposit free money…

  53. instant casino no registration Says:
    September 3rd, 2010 at 8:16 am

    free no download crap casino…

    free online casino uk…

  54. casino en ligne bonus gratuit Says:
    September 3rd, 2010 at 8:18 am

    nodepositbonus casinos…

    1 hour free play casino…

  55. online slot machines with birhday bonuses no deposit allows united states to play Says:
    September 3rd, 2010 at 8:21 am

    isle of capri casino resort biloxi…

    free practice slots…

  56. mount airy lodge casino Says:
    September 3rd, 2010 at 8:23 am

    redeem coupons rtg free…

    play roulette online no sighn up…

  57. wms las vegas free play Says:
    September 3rd, 2010 at 8:26 am

    slot machines gratispoker…

    ladbrokes casino review…

  58. lyophilized soma rdna Says:
    September 3rd, 2010 at 8:28 am

    soma buy fedex…

    cheap soma for sale with no prescription required…

  59. side effects of tramadol in cats Says:
    September 3rd, 2010 at 8:31 am

    tramadol cod overnight…

    tramadol doesnt work…

  60. running an online casino Says:
    September 3rd, 2010 at 8:34 am

    pachanga casino…

    casino coupon virtual…

  61. tramadol arrest Says:
    September 3rd, 2010 at 8:36 am

    tramadol verses hydrocodone…

    use of tramadol in dogs…

  62. rtg casino coupon Says:
    September 3rd, 2010 at 8:39 am

    casino online italiani autorizzati…

    casino online italiani autorizzati…

  63. bet royal casino codes newest Says:
    September 3rd, 2010 at 8:41 am

    vip no deposite bonus casino listings…

    casino en ligne qui paye…

  64. homeopathic-viagra for india Says:
    September 3rd, 2010 at 8:44 am

    over the counter herbal viagra…

    over the counter herbal viagra…

  65. free whales of cash slot machine play Says:
    September 3rd, 2010 at 8:47 am

    online casino no deposit coupon codes…

    promotion codes platinum play…

  66. online casino empfehlungen Says:
    September 3rd, 2010 at 8:49 am

    online casino empfehlungen…

    online casino empfehlungen…

  67. valtrex and nausea Says:
    September 3rd, 2010 at 8:52 am

    valtrex pills…

    valtrex and uti…

  68. viagra weekender Says:
    September 3rd, 2010 at 8:55 am

    average does for viagra…

    wholesale viagra pro…

Leave a Reply

You must be logged in to post a comment.

Site links
Anchor
Wiki
Blog
Services
Domain names
Web hosting
VPS
Dedicated Servers
Co-location
Articles
Dedicated Server Purchasing Guide
Dedicated Server Tutorials
Developer Friendly Hosting
Useful Tools