Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Bugs

[Bug 2024] Allow to ssh client say to ssh-agent which key should be used.

 

 

OpenSSH bugs RSS feed   Index | Next | Previous | View Threaded


bugzilla-daemon at mindrot

Jul 6, 2012, 2:27 AM

Post #1 of 4 (208 views)
Permalink
[Bug 2024] Allow to ssh client say to ssh-agent which key should be used.

https://bugzilla.mindrot.org/show_bug.cgi?id=2024

Darren Tucker <dtucker [at] zip> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker [at] zip

--- Comment #1 from Darren Tucker <dtucker [at] zip> ---
Didn't IdentitiesOnly do what you want? That plus IdentityFile should
cause the client to only try the key specified by IdentityFile.

IdentitiesOnly
Specifies that ssh(1) should only use the authentication identity
files configured in the ssh_config files, even if ssh-agent(1)
offers more identities. The argument to this keyword must be
"yes" or "no". This option is intended for situations where ssh-
agent offers many different identities. The default is "no".

IdentityFile
Specifies a file from which the user's RSA or DSA authentication
identity is read. The default is ~/.ssh/identity for protocol
version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol ver-
sion 2. Additionally, any identities represented by the authen-
tication agent will be used for authentication.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at mindrot

Jul 6, 2012, 2:47 AM

Post #2 of 4 (206 views)
Permalink
[Bug 2024] Allow to ssh client say to ssh-agent which key should be used. [In reply to]

https://bugzilla.mindrot.org/show_bug.cgi?id=2024

--- Comment #2 from Anton Chevychalov <pub [at] mnu> ---
As far as I understand parameters "-i" and "IdentityFile" can be used
only for authentication without ssh-agent. It means when you say -i
~/.ssh/id_rsa it will try to find this on file system, not in
ssh-agent.

I want to have something like -i but for case when my keys not on file
system but in ssh-agent.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at mindrot

Jul 6, 2012, 3:00 AM

Post #3 of 4 (210 views)
Permalink
[Bug 2024] Allow to ssh client say to ssh-agent which key should be used. [In reply to]

https://bugzilla.mindrot.org/show_bug.cgi?id=2024

--- Comment #3 from Darren Tucker <dtucker [at] zip> ---
-i or IdentityFile will use a key from the agent if it has one with a
matching fingerprint. IdentitiesOnly will use only the identities
specified by IdentityFile, and if the agent has it that's what will get
used. The man page doesn't really mention this, so maybe we should add
something.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs


bugzilla-daemon at mindrot

Jul 6, 2012, 3:32 AM

Post #4 of 4 (210 views)
Permalink
[Bug 2024] Allow to ssh client say to ssh-agent which key should be used. [In reply to]

https://bugzilla.mindrot.org/show_bug.cgi?id=2024

--- Comment #4 from Anton Chevychalov <pub [at] mnu> ---
–ěh. It's really nice! It means that everything I need is ssh-agent with
previously imported keys and pub keys as a source of fingerprints.

I think it should be mentioned in man pages just because a lot of
people think it can't work.

But why there is no search by key name? I mean that name is more simple
that fingerprint and you can store this parameter in ssh_config.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

OpenSSH bugs RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.