This error could indicate that the config did not complete successfully.
To troubleshoot this issue you can run
step ssh check-host <hostname>. This will return
false to verify you have access to the host.
step expects to find the
.step/config path in your home directory. If the
step config lives somewhere else, SSH will not apply the configuration correctly.
You can also run
ssh <hostname> -vvv to get the verbose SSH output. This will usually provide visibility into the underlying issue. You can send log output to us with a support ticket.
Windows users. ssh-agent is enabled by default. You may see the following error in the verbose logs:
debug3: w32_getpeername ERROR: not sock :2
This could mean that don't have the ssh-agent running, you can check if its running
ssh-add -l or
step ssh list . If everything goes well and you have already authenticated you should see a line like:
256 SHA256:xxx... sean@smallstep (ECDSA-CERT)
The instructions to install/enable ssh in windows are in https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_keymanagement If you cannot get ssh-agent to work you can also login pointing to the key:
# Create a new certificate, this will create mykey, mykey-cert.pub, and mykey.pubstep ssh certificate sean@smallstep mykey # Connect ssh using mykey and mykey-cert.pub ssh -i mykey myhost.foo