[Bug 2362] New: Please add a possibility to disable IdentityFiles

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Mar 7 03:53:41 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2362

            Bug ID: 2362
           Summary: Please add a possibility to disable IdentityFiles
           Product: Portable OpenSSH
           Version: 6.7p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: guilhem at fripost.org

For various reasons [0] one might not want to give ssh(1) access to the
private key material, and force the use of the agent instead.  However,
while it's currently possible to ignore the identities offered by the
agent, AFIK it's not possible to ignore identity files.

A way around is to specify a file that does not exist (e.g.,
‘IdentityFile none’), but such behavior is not specified in
ssh_config(5), and is also error-prone.  I suggest to make ‘none’ a
special argument for ‘IdentityFile’, and make it empty the list of
identity files; if ‘~/.ssh/none’ is actualy a genuine identity file, it
would be still be possible to specify it using its absolute path.


[0] https://www.debian-administration.org/users/dkg/weblog/64

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list