kwin opened a new issue, #466: URL: https://github.com/apache/mina-sshd/issues/466
### Description In order to support edge cases with SSH agents like outlined in either 1. https://keepassxc.org/docs/#faq-ssh-agent-openssh or 2. https://developer.1password.com/docs/ssh/agent/advanced#match-key-with-host it is important to evaluate the SSH config entry for `IdentityFile` settings first. In case it specifies a public key this should be used preferably for the SSH Agent Userauth Request (https://github.com/apache/mina-sshd/blob/2c62c7251934fc700c810c4a4249044f3c27d7e9/sshd-core/src/main/java/org/apache/sshd/client/auth/pubkey/UserAuthPublicKey.java#L252). It should be used as first or as only option (in case `IdentiesOnly` is set to `true`) when trying to sign the request. ### Motivation Password managers nowadays often manage private keys. As SSH servers have limitations in terms of number of SSH keys to try or sometimes even only consider the first key (like https://learn.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops#q-i-have-multiple-ssh-keys-how-do-i-use-the-correct-ssh-key-for-azure-devops) the public key given via `IdentityFile` should be used even together with SSH agents. ### Alternatives considered _No response_ ### Additional context _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
