IdentityFile vs IdentitiesOnly

Harald Dunkel harald.dunkel at
Wed Apr 3 18:51:42 AEDT 2019

Hi Darren,

if I got this right, then using ssh-agent some memory effect appears
to sneak in, besides the remembered passphrases. IMHO thats the bad
part. The ssh client should stay in control which keys are tried in
which sequence.

Is there a risk that a key pair with a "poor" cipher is tried first,
even though a key pair with a better cipher is mentioned first in the
config file?

Thanx for your detailed response


More information about the openssh-unix-dev mailing list