FreeBSD ssh-agent issues!

@nevj 's recent post about a hard install of NetBSD inspired me to post about a BSD (FreeBSD) issue I encountered just today :

I was trying to ssh using ssh-key from my FreeBSD (TrueNAS) shell to one of my Pi4 systems (running raspbian ‘bookworm’). Couldn’t get it to do key-based login - but interactive login (challenge/response) was working…

 ✘ x@baphomet  ~/.ssh  ssh-copy-id frambo.local
Could not open a connection to your authentication agent.
no keys found

Eh? I’ve got keys in ~/.ssh/ (in my FreeBSD shell).

I tried manually editing ~/.ssh/authorized_keys on the Pi4… Nada…

Did some research and google-fu :

✘ x@baphomet  ~/.ssh  ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-pSsmDKNLluiY/agent.7942; export SSH_AUTH_SOCK;
SSH_AGENT_PID=7943; export SSH_AGENT_PID;
echo Agent pid 7943;

But still got :

 ✘ x@baphomet  ~/.ssh  ssh-add
Could not open a connection to your authentication agent.

Then this :

 x@baphomet  ~/.ssh  eval "$(ssh-agent)"
Agent pid 8010
 x@baphomet  ~/.ssh  ssh-agent /bin/sh
$ ssh-add ~/.ssh/id_rsa
Identity added: /mnt/BARGEARSE/home/x/.ssh/id_rsa (/mnt/BARGEARSE/home/x/.ssh/id_rsa)
$ quit
$ exit

But still no joy…
But I could then run ssh-copy-id :

 x@baphomet  ~/.ssh  ssh-copy-id frambo.local
x@frambo.local's password:
 x@baphomet  ~/.ssh  ssh frambo
Linux frambo 6.6.74+rpt-rpi-v8 #1 SMP PREEMPT Debian 1:6.6.74-1+rpt1 (2025-01-27) aarch64

The whole point of this exercise - I want to use rsync (and probably tar initially) to make a backup of my 1.1 TB digital music collection to a 6 TB USB drive plugged into the Pi4 - and I’d want to script that and cronjob it… This is because while the collection is on a NAS and on RAIDZ-0 : “remember kiddies - RAID is not BACKUP”

Most of the above was because modern Linux (and probably MacOS too) takes a lot of that “heavy lifting” stuff out of your hands… Not necessarily so with the BSD family of UNIX like operating systems…
– question –
Why did @sourav think this subject needed an exclamation point?

Well that may be all it was useful for.
I am having authentication issues with NetBSD too… I installed a screenshot utility… when it runs it says I have not set up any authentication.??? What does a screenshot need to authenticate?
It is true… .Xauthority is empty.

I need to learn about authentication before I can do anything.

I was kind of hoping that NetBSD might be like original BSD where if you could login you could do anything. No such luck. It has been polluted with all this modern permissions nonsense.

So that more people hopefully join the conversation.

I wonder how true that is.
I think it depends on how you use linux. I tend to ignore the high level linux help packages and do it the hard way. I suppose I am trying to make my linux(s) work like BSD. Thats why I like Void and Chimera.

The other thing about Linux is its drivers are way better than BSD. I understand FreeBSD is now making an effort to address this.

You mean you go to the remote host and manually add your sshkey hex string into ~/.ssh/authorized_keys? I used to have to do it that way, way back when with Solaris… I couldn’t even tell you if more modern Solaris has “ssh-copy-id”… But it wasn’t available on the Solaris 10 machines I was doing sysadmin on…

And you don’t use “ssh-copy-id” program?

No, I have not been forced into that yet.
I dont often bother with ssh keys… I am happy to use a password in most instances.

Have never used ssh copy-id

It’s actually “ssh-copy-id”

I’m lazy - I usually run :

sshpass -f $SECRETFILE ssh user@remotehost

(so it can generate a known_hosts file entry)

then

ctrl d

sshpass -f $SECRETFILE ssh-copy-id user@remotehost

But trying to do anything similar on BSD or Solaris feels like the dark ages all over again …

My typo

You outpoint me on sophistication every time, especially with networking.