Bug#733573: ssh: Doesn't use the key from -i when using an agent.

To: Kurt Roeckx <kurt@roeckx.be>
Cc: 733573@bugs.debian.org
Subject: Bug#733573: ssh: Doesn't use the key from -i when using an agent.
From: Daniel Shahaf <danielsh@apache.org>
Date: Sat, 11 Jan 2020 00:53:00 +0000
Message-id: <[🔎] 20200111005300.GA19870@tarpaulin.shahaf.local2>
Reply-to: Daniel Shahaf <danielsh@apache.org>, 733573@bugs.debian.org
In-reply-to: <20131230005339.GA24231@roeckx.be>
References: <20131230005339.GA24231@roeckx.be> <20131230005339.GA24231@roeckx.be>

Kurt Roeckx wrote on Mon, Dec 30, 2013 at 01:53:39 +0100:
> Package: openssh-client
> Version: 1:6.4p1-1
> 
> Hi,
> 
> When I use ssh with the -i option to use a different key, it seems
> to be offering my default key anyway.  It seems this is only the
> case when an ssh-agent is running.  The key that is given isn't
> added to the agent.
> 
> ssh -v shows:
> debug1: identity file other_key type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-4096
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-4096
> debug1: identity file other_key-cert type -1
> [...]
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: /home/kurt/.ssh/id_rsa
> 
> When ssh doesn't know about my running ssh-agent, it will offer
> the key given with -i.

Looks like a duplicate of #203700 and #513235; a workaround is to set
IdentitiesOnly=yes in ssh_config(5).

Cheers,

Daniel

Reply to:

Prev by Date: openssh_8.1p1-4_source.changes ACCEPTED into unstable
Next by Date: Bug#946242: fatal: privsep_preauth: preauth child terminated by signal 31
Previous by thread: openssh_8.1p1-4_source.changes ACCEPTED into unstable
Next by thread: Bug#946242: fatal: privsep_preauth: preauth child terminated by signal 31
Index(es):
- Date
- Thread