On Wed, Jun 3, 2015, at 08:31, Antoine Pitrou wrote: > > > Le 03/06/2015 15:27, Benjamin Peterson a écrit : > > > > > > On Wed, Jun 3, 2015, at 08:21, Antoine Pitrou wrote: > >> > >> Le 02/06/2015 18:42, Benjamin Peterson a écrit : > >>> > >>> > >>> On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote: > >>>> Le 02/06/2015 18:28, Benjamin Peterson a écrit : > >>>>> > >>>>> Also, everyone should use ed25519 keys now. :) > >>>> > >>>> Depends if the servers you connect to have all been migrated to a recent > >>>> enough OpenSSH. > >>> > >>> SSH can use your older keys if you don't delete them. > >> > >> Is there a way of debugging which key is actually used? "ssh -v" isn't > >> very useful. > > > > Really? I see output from ssh -v like this: > > > > debug1: Offering ED25519 public key: /home/benjamin/.ssh/id_ed25519 > > debug1: Authentications that can continue: publickey > > debug1: Offering RSA public key: /home/benjamin/.ssh/id_rsa > > debug1: Authentications that can continue: publickey > > debug1: Offering DSA public key: /home/benjamin/.ssh/id_dsa > > debug1: Server accepts key: pkalg ssh-dss blen 435 > > Yes, but why does it try keys in that order? And why is a key accepted > or not?
That's just how the SSH auth protocol works. The client offers keys until the server finds one acceptable. I'm not sure how the order is determined; it's probably arbitrary for OpenSSH. See https://tools.ietf.org/html/rfc4252 _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers
