ssh-add -s fails

[jmyreen]

"OpenSSH for Windows" version
8.1.0.0

Client OperatingSystem
Windows 10 Enterprise

What is failing
ssh-add -s 'C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll'

Using the -s "Add keys from PKCS#11 provider", i.e. using ssh-agent with smart cards does not work.

Expected output

Identity added ...

Actual output

Enter passphrase for PKCS#11:
Could not add card "C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll": communication with agent failed

ssh-add is able to communicate with the agent. ssh-add without any options adds the default .ssh/id_rsa file, ssh-add -l is able to list it. ssh-add -s PKCS#11 does not work, although it does prompt for a PIN, so it obviously recognizes the -s option.

FWIW, ssh.exe is able to use a smart card with the option -I 'C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll', it's just ssh-agent that is failing.

[NoMoreFood]

Known issue. Somebody has a pull request in for it: PowerShell/openssh-portable#362

[jmyreen]

I missed this when I looked for duplicates.

Could this be merged into version 8.1 before the final release. The patch is already 14 months old and support for ssh-add -s is part of the feature set of OpenSSH v 8, and many versions before that.

[bannsec]

2024 and i'm getting the exact same issue.

OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3

[kayavila]

Although this should be fixed (per PowerShell/openssh-portable#537), this continues to be a problem for me as well. I tested using the executables provided in the .zip file on OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2. (Since per #1914, the privilege issue for installing may or may not be fixed on the 64-bit version.)