On Sun, Mar 17, 2019, at 1:12 PM, Peter Lebbing wrote:
> On 17/03/2019 12:45, Brian Exelbierd wrote:
> > There is no longer an identityfile to use in the .ssh/config file
> > which means all auth keys are tried with all hosts. I have multiple
> > auth keys and the hosts give up after 2 or 3 failures. How can I get
> > the right key served to the right host since SSH doesn't know how to
> > ask for it anymore ...
>
> Ooohhh. I would have hoped the OpenSSH server's MaxAuthTries would only
> count failed signatures, not failed key matches. But I can reproduce
> this problem.
>
> I don't know a satisfactory solution to this.
Having done no code examination, I feel like this is where the identity
information for subkeys comes into play. I presume the SSH request would pass
the value of the identity file to the gpg-agent. This is probably 100% wrong
though/
Also, as an aside. It appears that subkeys do not prompt for the key
passphrase. Instead I just get an allow/deny dialog or no dialog at all if I
don't force confirm.
> PS: Could you please trim your quotes when you reply on the mailing
> list?
Happily - and I should have last time. Distracting myself with GPG/SSH while
doing taxes is a bad idea and leads to bad internet hygiene :D
regards,
bex
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
