I have an ecdsa-sk keypair that I generated and added to my github account (tied to a yubikey). If I try any connection using that key, such as git push
, I get:
sign_and_send_pubkey: signing failed for ECDSA-SK "[...]/.ssh/id_ecdsa_sk" from agent: agent refused operation
No combination of ssh-add
commands I've tried works (deleting key, re-adding ,etc). ssh-add -l
will show the key as present, but I still get the above error.
The only thing that works is to kill the ssh-agent
and then immediately run:
ssh-add -K <ecdsa keyfile>
If I do that then git push
will work--once. If I do anything else with the agent first, add other keys, etc. then git push
will fail (giving the above error) and if I immediately run git push
a second time it will fail (and continually after until I kill ssh-agent
again).
I'm unfortunately on Mac (Monterey, M1 chip). I only have this problem with the esdsa-sk key. My regular rsa keys work fine. Am I missing anything or doing something wrong? I know ecdsa-sk support is relatively new; could this be a bug?