net-ssh doesn't work with ssh-agent/requires Pageant on Windows

[T2L]

Issue summary

I'm using Capistrano on Windows 7.

I've configured ssh-agent to autoload with bash, enabled agent forwarding in ssh config file. Server allows for agent forwarding as well.

Agent forwarding works as intended with ssh user@exmaple.com in bash.

However, it doesn't work with Capistrano, which uses net-ssh.

I'm not Ruby developer, but I was able to debug it (using Logger:DEBUG):

    servers: ["example.com"]
    [example.com] executing command
E, [2014-10-22T12:27:07.137433 #5852] ERROR -- net.ssh.authentication.agent[1a15688]: could not connect to ssh-agent
E, [2014-10-22T12:27:07.137433 #5852] ERROR -- net.ssh.service.forward[1a59938]: attempted to connect to agent but failed: Net::SSH::Authentication::AgentNotAvailable (pageant process not running)
E, [2014-10-22T12:27:07.137433 #5852] ERROR -- net.ssh.connection.session[1a4e4d8]: [2, "could not connect to authentication agent"]
 ** [example.com :: out] Error reading response length from authentication socket.

As far as I can tell, net-ssh tries to find Pageant process and fails on this. I do not have PuTTY, because I'm using bash (coming with Git)

I've found some piece of code that tries to open socket using OpenSSH agent (https://github.com/net-ssh/net-ssh/blob/master/lib/net/ssh/authentication/agent/socket.rb#L65):

@socket = agent_socket_factory.open(ENV['SSH_AUTH_SOCK'])

which seems like is trying to connect to ssh-agent process, but somehow this action fails.

So, I was forced to install PuTTY and run Pageant in order to get capistrano work.

Issues I see:

• State in documentation that net-ssh requires Pageant process in order to agent forwarding work (and it doesn't work with ssh-agent)
• If it does work with ssh-agent, fix integration

Environment details

• Windows 7
• ruby 2.1.3p242 (2014-09-19 revision 47630) [i386-mingw32]
• net-ssh 2.9.1
• ruby -ropenssl -e puts OpenSSL::OPENSSL_VERSION' prints OpenSSL 1.0.0n 6 Aug 2014
• bash openssl version prints OpenSSL 0.9.8zb 6 Aug 2014
• ruby puts ENV['SSH_AUTH_SOCK'] prints C:/Users/user/AppData/Local/Temp/ssh-Pwa62R2DumYh/agent.4028
• bash echo "$SSH_AUTH_SOCK" prints /tmp/ssh-Pwa62R2DumYh/agent.4028
• content of /tmp/ssh-Pwa62R2DumYh/agent.4028: !<socket >49345 FC1BAE4C-D79B0069-3C0F3DCC-1C0A1A41. Line ends with NUL character

If you need any other details don't hesitate to ask.

[T2L]

Checked some more code. Seems like Pageant is the only option on Windows.

Is it possible to add ssh-agent support?

[func0der]

So...this is kind of ruining vagrant provisioning on Windows machines without Pageant.
Is there any way there will be a fix in the near future?
@duerst, you started but never finished?

I would help, but I am not familiar with Ruby.

[duerst]

@func0der: I actually have provided a patch (#365) that I hope solves the issue (it does for me, at least). I have pinged @mfazekas on that pull request and my earlier one.

[func0der]

@duerst Okay. I was not sure about this since there was so much going on. I hope this is going to be fixed soon. It is a pain in the ass with vagrant currently.

[T2L]

Hi all,

I'm not sure how, but SSH agent forwarding into Vagrant is working properly on my Windows since version 8 (now running Windows 10) without Pageant. Maybe this was fixed on Vagrant side or MINGW64 (terminal).

Capistrano probably is still broken.

[mfazekas]

https://rubygems.org/gems/net-ssh/versions/4.0.0.beta4 is released and it if you have SSH_AUTH_SOCK and unix_socket it'll try to use that otherwise falls back to pageant.

[func0der]

@mfazekas It still does not work with net-ssh 5.1.0.
Maybe it is somehow related to this comment: hashicorp/vagrant#8615 (comment)

I do not want to open another issue, since we have collected so much intel already here.
As I mentioned (hashicorp/vagrant#8615 (comment)), I am not sure, if the fix should go into net-ssh or into the git/msys2 implementation.
What do you think?