[Bug 3506] New: Permission denied (publickey) with two -i identity files

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Nov 30 08:14:39 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3506

            Bug ID: 3506
           Summary: Permission denied (publickey) with two -i identity
                    files
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: ARM64
                OS: Mac OS X
            Status: NEW
          Severity: critical
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: andy.klier at zuar.com

Created attachment 3627
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3627&action=edit
verbose output of ssh attempt

attempting to ssh with two identity files fails with `Permission denied
(publickey)`

for example:
```
ssh -i signed-cert.pub -i ~/.ssh/id_rsa username at 10.0.23.5
```

only able to resolve by downgrading to 8.6.

this is a fairly common process to ssh with two `-i` identity files,
for example if you're using vault as a certificate authority. as
described here:
https://developer.hashicorp.com/vault/docs/secrets/ssh/signed-ssh-certificates#client-ssh-authentication

full ssh with -vvv attached

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list