I have a PPA at: https://launchpad.net/~paelzer/+archive/ubuntu/bug-872145-ssh-prefer-user-configured-key
I have tested and the "IdentityFile" directive in /etc/ssh/ssh_config does not count as "user defined". I'd have preferred if that would count as well, but for now at least preferring the "-i" is better than nothing and it seems to not need a major overhaul. But other than that, this seems to work. Former: $ ssh -i /tmp/testkey -v horsea "echo 1" |& grep "Will attempt" debug1: Will attempt key: /home/paelzer/.ssh/id_rsa RSA ... agent debug1: Will attempt key: ubuntu@cpaelzer-bastion RSA ... agent debug1: Will attempt key: paelzer@lap RSA ... agent debug1: Will attempt key: paelzer@swarm.n RSA ... agent debug1: Will attempt key: /tmp/testkey RSA ... explicit Becomes: $ ssh -i /tmp/testkey -v horsea "echo 1" |& grep "Will attempt" debug1: Will attempt key: /tmp/testkey RSA ... explicit debug1: Will attempt key: /home/paelzer/.ssh/id_rsa RSA ... agent debug1: Will attempt key: ubuntu@cpaelzer-bastion RSA ... agent debug1: Will attempt key: paelzer@lap RSA ... agent debug1: Will attempt key: paelzer@swarm.n RSA ... agent @Rob - could you give the PPA a try and report for your case the following once for the old and once for the PPAs ssh binary? $ ssh -i <yournewkey> -v <targethost> "echo 1" |& grep "Will attempt" -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1872145 Title: explicit key offered after all agent keys, auth can fail before explicit key used To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1872145/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs