[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#513235: gnome-keyring: selects wrong key when multiple ssh identities are used

reassign 513235 openssh-client
retitle 513235 ssh tries the keys proposed by the agent before those passed with -i

Le mardi 27 janvier 2009 à 16:36 +0100, Bjørn Mork a écrit :
> >> I regularily log into a system which uses different ssh keys to select different 
> >> configurations.  This fails if gnome-keyring-daemon is running.  It seems to use
> >> previously learned keys even if you specify "ssh -i <keyfile>", or use the
> >> IdentityFile keyword in ~/.ssh/config.
> >
> > It would be interesting to see whether this happens if you use ssh-agent
> > instead of gnome-keyring. If you add the first key to the agent, do you
> > see the same behavior with "ssh -i key2" ?
> Just running ssh-agent isn't a problem.  But you're right that any key
> added to the agent seems to be used before other keys.  If I add the key
> to ssh-agent, then it will be used first.

So indeed, ssh is trying the keys proposed by the agent before those
passed with the -i option. This looks like the root cause to me, since
command-line arguments should have priority over things proposed by an
external process. 

: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

Attachment: signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=

Reply to: