[Help] step ca config error -> "ssh certificate not found: please run step ssh login <identity>"

[mf-in-mun]

Hello,

I'm using smallstep step ca for a couple of months, started with an automated SSL provisioning, set up a Borg Backup remote server with automated SSH certificates provisioning and now I want to move a step further.
I want to change my SSH key handling using step ca and an OIDC provider Zitadel.

I'm working mainly with this blog https://smallstep.com/blog/diy-single-sign-on-for-ssh/

I've setup a new oidc privisioner and running

step ssh login [email protected] --provisioner=my-provisioner

works.
I've got a SSH certificate, with an entry in the ssh-agent.
ssh-add -L shows that key, step ssh list shows that exact entry and step ssh list --raw | step ssh inspect seems to be fine.

But when I try that command

step ssh config

for configuration I always got an error

ssh certificate not found: please run `step ssh login <identity>`

Searching here the only thing I found was a code snippet from the project:

		// Force a user to have a username
		if _, ok := data["User"]; !ok {
			return errors.New("ssh certificate not found: please run `step ssh login <identity>`")
		}
	}

I'm sorry, but that's nothing which helped me.

I've tried this on Win 11, Powershell 7.5.3 and on Fedora 42, ghostty. On both I got that error.

Please, may I ask for some help?
I'm quite sure that I'm missing some configuration.
Hopefully somebody can point me into the right direction.

BR SMF

System: Win 11 24h2, update on Tuesday, Smallstep CLI/0.28.7 installed via winget.
Fedora 42 updated today, Smallstep CLI 0.28.7 installed via the Smallstep repo.
step ca, containerized using Podman, image based on Alpinelinux 3.22.1, running on an Almalinux 10 server