On Mon, 30 Sep 2024, Sam Darwin wrote:> Hi, > I run into a certain problem from time to time. > > 1. Configure and launch ssh-agent. > 2. That's usually perfect. > 3. Occasionally, connect to a different and less common remote server. > Use ssh -i keyfile > 4. ssh -i keyfile fails. Because ssh-agent doesn't know about that key. > > If you are specifying a key "-i key", then you are specifying a key, and > clearly don't need to use the keys from ssh-agent. Could ssh prefer the key > from the command line? Give that precedence, over using the ssh-agent keys?ssh should do this already. Please post a debug trace "ssh -vvv ..." and we'll be able to see what broke.
> ssh should do this alreadyHi Damien, Let's discuss what it does already... For example, if ssh-agent already has six keys, will it append the "-i key" as the seventh choice? Apparently there is a "six-key authentication limit on most servers". A seventh key will fail. If ssh is adding the new key to the end of the list it would be expected to fail. This limit is actually why I haven't added to the newer key to the agent also. Which leads to an idea: how about switching the "-i key" to the top of the list, instead of the end.> IdentitiesOnlyOk. The option "-o IdentitiesOnly=yes" is another solution. A problem with that, it's a bit cumbersome. You have to realize what the cause of the problem, so that adding the flag will fix it (why is ssh failing anyway?). And then check the exact syntax. And write that, on the command-line. It is another option though.
Reasonably Related Threads
- ssh while ssh-agent is running
- [Possible phishing attempt] Re: ssh while ssh-agent is running
- OSX - SSH agent functionality differing based upon CLI arguments
- [Bug 2024] New: Allow to ssh client say to ssh-agent which key should be used.
- ssh while ssh-agent is running