> ssh should do this alreadyHi Damien, Let's discuss what it does already... For example, if ssh-agent already has six keys, will it append the "-i key" as the seventh choice? Apparently there is a "six-key authentication limit on most servers". A seventh key will fail. If ssh is adding the new key to the end of the list it would be expected to fail. This limit is actually why I haven't added to the newer key to the agent also. Which leads to an idea: how about switching the "-i key" to the top of the list, instead of the end.> IdentitiesOnlyOk. The option "-o IdentitiesOnly=yes" is another solution. A problem with that, it's a bit cumbersome. You have to realize what the cause of the problem, so that adding the flag will fix it (why is ssh failing anyway?). And then check the exact syntax. And write that, on the command-line. It is another option though.
openssh at tr.id.au
2024-Oct-01 23:00 UTC
[Possible phishing attempt] Re: ssh while ssh-agent is running
> A problem with that, it's a bit cumbersome. You have to realize what the > cause of the problem, so that adding the flag will fix it (why is ssh > failing anyway?). And then check the exact syntax. And write that, on the > command-line. It is another option though.Personally, I set IdentitiesOnly yes as the global default in ~/.ssh/config, and explicitly set the preferred key separately for groups of hosts. All my keys are under ~/.ssh/keys or ~/.ssh/sk so they don't get automatically picked up by the client when a host hasn't been defined yet. The client is only cumbersome if you don't use ~/.ssh/config and have never refered to `man ssh_config`. ~ Tim
Maybe Matching Threads
- ssh while ssh-agent is running
- ssh while ssh-agent is running
- OSX - SSH agent functionality differing based upon CLI arguments
- [Bug 448] ssh ignores key specified with -i if agent is running
- [Bug 2095] New: ssh client not respecting IdentitiesOnly=yes option