[Bug 3062] New: ssh client ignores IdentitesOnly=yes if the identity file isn't found
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Aug 30 18:18:01 AEST 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=3062
Bug ID: 3062
Summary: ssh client ignores IdentitesOnly=yes if the identity
file isn't found
Product: Portable OpenSSH
Version: 8.0p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: kormat at gmail.com
This ssh command will use any key the client can find through it's
normal means (i.e. agent, and ~/.ssh/id_{algo}):
ssh -F /dev/null -o IdentitiesOnly=yes -i
/something/that/doesnt/exist hostname
It will also ignore IdentitiesOnly=yes if no identity file is
specified:
ssh -F /dev/null -o IdentitiesOnly=yes hostname
I've tested this with:
- OpenSSH_7.2p2
- OpenSSH_7.9p1
- OpenSSH_8.0p1
This contradicts the documentation, which states:
Specifies that ssh(1) should only use the authentication identity and
certificate files explicitly configured in the ssh_config files or
passed on the ssh(1) command-line, even if ssh-agent(1) or a
PKCS11Provider offers more identities.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list