Specification of identity for ssh client to use

Darren Tucker dtucker at zip.com.au
Tue Dec 6 10:32:07 EST 2005

On Mon, Dec 05, 2005 at 04:44:51PM +0200, Alan Barrett wrote:
> On Tue, 06 Dec 2005, Darren Tucker wrote:
> > On Mon, Dec 05, 2005 at 03:18:49PM +0200, Alan Barrett wrote:
> > > [...] So I want to specify on the ssh command
> > > line exactly which identity to use; I don't want the client to do just
> > > keep trying multiple identities until one of them works, because then it
> > > may use an identity that has the wrong "command=" restrictions on the
> > > server side.
> > 
> > Does adding the "IdentitiesOnly" option do what you want?
> No, that just tells it "don't consult ssh-agent".

IdentitiesOnly will still use keys from ssh-agent if available.

> The identity that
> I want to use will sometimes be available from ssh-agent, and not
> available in any readable files.

You still need a readable copy of the *public* key file to authenticate
via a private key stored in ssh-agent.

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list