fix: use SSH agent when identity files don't exist#136
Closed
rfay wants to merge 2 commits intouselagoon:mainfrom
Closed
fix: use SSH agent when identity files don't exist#136rfay wants to merge 2 commits intouselagoon:mainfrom
rfay wants to merge 2 commits intouselagoon:mainfrom
Conversation
Fixes "ssh: no key found" errors when using SSH agent without physical key files on disk (e.g., DDEV tests with ddev-ssh-agent). Changes: 1. utils/shell.go: - Gracefully handle missing identity files, skip them and use agent keys - Skip ~/.ssh directory scan when SSH agent already has keys - Only scan directory as last resort to avoid warnings for non-key files 2. utils/sshportal.go: - Bypass machinery's sshtoken.RetrieveToken entirely when using agent-only - Implement retrieveTokenViaAgent() to directly use SSH agent keys - Routes based on availability: agent-only, file-based, or error Root cause: machinery v0.0.31's sshtoken.RetrieveToken returns errors when identity files don't exist (lines 36-40, 52-56) instead of falling back to SSH agent keys. This is a workaround until machinery is fixed upstream. See: - https://github.com/uselagoon/machinery/blob/main/utils/sshtoken/sshtoken.go - uselagoon/lagoon-cli#442 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Previously, SSH key errors showed unhelpful output like:
"ssh: no key found &{0x4000084120}"
This was caused by passing os.Stdout (a file descriptor pointer) as the
second parameter to LogWarning, which printed the pointer address.
Changes:
- Include actual file paths in all SSH key error messages
- Change non-key file warnings to debug messages (reduces noise)
- Pass nil instead of os.Stdout to LogWarning to avoid pointer output
- Add directory path context to all error messages
Now shows helpful messages like:
"Skipping /home/user/.ssh/config: ssh: no key found"
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This was referenced Jan 28, 2026
Collaborator
|
Hi @rfay - thanks for this work. With the new machinery library update, I take it we can skip the bulk of this. Gonna close this on the assumption that there isn't (and the messages on the other PRs in machinery) - let's open again if there is. |
Contributor
Author
|
I didn't look again, but agree that machinery should have solved it, thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes "ssh: no key found" errors when using SSH agent without physical key files on disk (e.g., DDEV tests with ddev-ssh-agent).
For example:
This also improves the debug/warning when no key is found by showing the path instead of just a pointer.
Changes:
utils/shell.go:
utils/sshportal.go:
Root cause: machinery v0.0.31's sshtoken.RetrieveToken returns errors when identity files don't exist (lines 36-40, 52-56) instead of falling back to SSH agent keys. This is a workaround until machinery is fixed upstream.
See:
id_rsaprivate keys lagoon-cli#442