Warning: ssh-add failed: (return code: 1; output: Invalid lifetime) #159

Closed
svenstaro opened this issue May 2, 2025 · 6 comments
@svenstaro

Since 2.9.1 (first of the new versions that I've tried), when I do this:

```
keychain --debug --eval --systemd --timeout 600 --quiet key1 key2
```

I get this

```
 * Warning: ssh-add failed: (return code: 1; output: Invalid lifetime)
 * Error: Unable to add keys
```

When I remove --timeout 600, I can add the keys without an error.

@danielrobbins
Member

Thanks for the bug report. Can you provide the ssh version and type (OpenSSH?). I will then see if I can reproduce this.

@svenstaro
Author

```
ssh -V
OpenSSH_10.0p2, OpenSSL 3.5.0 8 Apr 2025
```

@danielrobbins self-assigned this May 2, 2025
@danielrobbins added the "in progress" label May 2, 2025

@danielrobbins
Member

I can reproduce this. Looking into it.

@danielrobbins
Member

This is probably an unfortunate consequence of setting IFS to newline globally in the script.

@danielrobbins
Member

This should now be fixed in git master. Please give it a try. Type "make" to make the final script. I will push out a new release soon with this fix.

@danielrobbins
Member

This fix is now in the latest release, 2.9.2. Thanks for the bug report!

netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue May 3, 2025
# pkgsrc changes

* Project's Makefile is now bmake compatible. Use it to generate script and
  man page at build stage.
* Taking maintainership.

# upstream changes (since release 2.8.5)

## keychain 2.9.2 (2 May 2025)

This is primarily a bug fix release, but also introduces the new `--extended`
option -- see below:

* Deprecate `--confhost` option and replace with `--extended` option. The old
  `--confhost myhost` would now be `--extended host:myhost`. This also allows
  specifying SSH keys (`sshk:` prefix), GPG keys ( `gpgk:` prefix) and hosts
  (`host:` prefix) together without confusion.
* Well, I became intimately familiar with `IFS` the hard way. Fix 2.9.1 bug
  [#159](funtoo/keychain#159) by reworking IFS settings and
  adding proper documentation to the right places. This fixes the `--timeout` option
  and also now allows `--stop` to work properly which was broken.
* Improve `--agents` deprecation warning.
* Have keychain properly adopt a currently-running gpg-agent providing ssh-agent
  functionality when `--ssh-use-gpg` is specified.
* Explicitly clean up known-bad pidfiles during processing.
* Deprecate `--confhost` option and replace with new `--extended` option.
* Improve host-based key processing by using `ssh -G` to officially extract
  host-based keys.
* Make `Makefile` BSD-compatible.

## keychain 2.9.1 (1 May 2025)

This release fixes a major bug related to the `--eval` option with non-Bourne shells.

* Fix `--eval` option so it works with non-Bourne shells ([#158](funtoo/keychain#158)).
* Last-minute option change: replace `--ssh-wipe` and `--gpg-wipe` with `--wipe [ssh|gpg|all]`.
* Deprecate `--attempts` option which doesn't work with gpg-agent pinentry nor modern OpenSSH.
* More script rewriting -- default to IFS of newline in the script, totally rework SSH and GPG
  key adding code.
* Remove undocumented and likely unused `--` option.
* Script is now at a svelte 1049 lines of code.

## keychain 2.9.0 (30 Apr 2025)

These release notes contain a summary of all changes, including cumulative
changes in pre-releases:

* A new release after 8 years, with Daniel Robbins (script creator) returning as maintainer.
* 60% of the script has been rewritten, and is now compliant with
  [ShellCheck](https://shellcheck.net).
* `--agents` and `--inherit` options have been deprecated to improve ease-of-use.
* `gpg-agent` no longer started by default -- only when a GPG key has been provided on the
  command-line. GnuPG 2.1+ supported.
* GnuPG pidfiles with `-gpg` extension are deprecated and no longer used.
* Better GnuPG integration: `gpg-agent` can be used for SSH key storage. This can be enabled
  by specifying one of the new `--ssh-allow-gpg` and `--ssh-spawn-gpg` options. Agent information
  for `gpg-agent`'s SSH socket will be stored in the regular pidfile for compatibility.
* Add `--ssh-rm`, `--ssh-wipe`, `--gpg-wipe` options for removing/wiping SSH and GPG keys. This addresses
  GitHub Issue [#153](funtoo/keychain#153).
* `--clear` option is now designed to be used for "initial clearing" of keys only.
* Many user interface output improvements, to provide additional detail.
* `--debug` option which can be used to troubleshoot issues with keychain.
* Manual page significantly improved: New section on invocation, as well as documentation of
  the startup and agent detection algorithm.
* Addition of `--ssh-agent-socket` option to manually specify desired path of the ssh-agent socket
  when starting.
* Addition of `--confallhosts` to load identity files for all hosts.
* Various bug fixes and improvements.
* Script size reduced from 1500 to 1133 lines.
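
How a script-wide newline-only `IFS`, as named in the maintainer's comment and the 2.9.1/2.9.2 changelog entries above, can produce an "Invalid lifetime" failure. This is an added example, not keychain's code: it assumes the `-t` option and its value were held in one string and expanded unquoted, and `fake_add` is a hypothetical, simplified stand-in for ssh-add's option parsing.

```shell
#!/bin/sh
# Added illustration, not keychain's code; every name here is hypothetical.
NL='
'

# Count the words an unquoted expansion of $2 yields under IFS=$1.
count_words() ( IFS=$1; set -- $2; echo "$#" )

# True when the value is not a plain non-negative integer.
bad_lifetime() { case $1 in ''|*[!0-9]*) return 0 ;; *) return 1 ;; esac; }

# Simplified stand-in for ssh-add's option parsing: "-t N" sets a lifetime,
# every other argument is treated as a key to add.
fake_add() {
    while [ $# -gt 0 ]; do
        case $1 in
            -t)  shift
                 if bad_lifetime "${1:-}"; then echo "Invalid lifetime"; return 1; fi ;;
            -t*) if bad_lifetime "${1#-t}"; then echo "Invalid lifetime"; return 1; fi ;;
            *)   echo "add $1" ;;
        esac
        shift
    done
}

# Broken pattern: options live in a flat string and are expanded unquoted
# while IFS is newline-only, so "-t 600" arrives as ONE argument.
add_with_global_newline_ifs() (
    IFS=$NL
    opts="-t $1"; shift
    # shellcheck disable=SC2086
    fake_add $opts "$@"
)

# Fixed pattern: pass option and value as separate quoted words, so the
# argument vector no longer depends on the current IFS.
add_with_argv() (
    IFS=$NL
    lifetime=$1; shift
    fake_add -t "$lifetime" "$@"
)

echo "newline IFS: $(count_words "$NL" '-t 600') word(s)"
echo "space IFS:   $(count_words ' ' '-t 600') word(s)"
add_with_global_newline_ifs 600 key1 key2 || echo "(exit status $?)"
add_with_argv 600 key1 key2
```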