❦ 27 janvier 2009 17:21 +0100, Josselin Mouette <joss@debian.org> : >> >> I regularily log into a system which uses different ssh keys to select different >> >> configurations. This fails if gnome-keyring-daemon is running. It seems to use >> >> previously learned keys even if you specify "ssh -i <keyfile>", or use the >> >> IdentityFile keyword in ~/.ssh/config. >> > >> > It would be interesting to see whether this happens if you use ssh-agent >> > instead of gnome-keyring. If you add the first key to the agent, do you >> > see the same behavior with "ssh -i key2" ? >> >> Just running ssh-agent isn't a problem. But you're right that any key >> added to the agent seems to be used before other keys. If I add the key >> to ssh-agent, then it will be used first. > > So indeed, ssh is trying the keys proposed by the agent before those > passed with the -i option. This looks like the root cause to me, since > command-line arguments should have priority over things proposed by an > external process. The solution is to use IdentitiesOnly option. The linked bug report highlights that and there was no real evidence this wasn't working as expected. It works as expected for me. I propose to close this bug report (and as I randomly stumbled on it, I am unlikely to remember that in a few days). -- Suspicion always haunts the guilty mind. -- Wm. Shakespeare
Attachment:
signature.asc
Description: PGP signature