[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Quoting Jeff Abrahamson <jeff@purple.com>: > I attempt to connect to a host and am told too many attempts. Running > ssh -v confirms that ssh is trying the correct key only after trying > many keys it should not have tried. [...] > The question is why ssh isn't first using the keys I've requested it > use. A close reading of the manpage for ssh_config(5), under IdentityFile, reveals that it "[s]pecifies a file from which the user's RSA or DSA authentication identity is read...Additionally, any identities represented by the authentication agent will be used for authentication." And also check IdentitiesOnly, which "[s]pecifies that ssh should only use the authentication identity files configured in the ssh_config files, even if the ssh-agent offers more identities...This option is intented [sic] for situations where ssh-agent offers many different identities." It looks like ssh-agent is pretty indiscriminate about the identities that it offers. I'd try playing around with IdentitiesOnly for your *.sf.net Host section. (Though I can't tell from reading the manpage if this will make you reenter your passphrase, which would be undesirable.) > Note that I begin by starting a new ssh-agent and add keys to it. > (ssh-mult is just an alias to ssh-add key1 key2 ....) As an alternate path, since you've probably only added one key (RSA or DSA) to the authorized_keys on each host, you might try adding only the key you are using to ssh-agent. > This is very frustrating, I thought I'd gotten this all working. It looks like ssh-agent needs a "hints" file, or should take a clue from ssh_config. Cheers, pls ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug