1

I am trying to convince ssh to use my ed25519 id file whenever possible. In order to achieve this and according to this Stack Exchange question and the man page, which states:

It is possible to have multiple identity files specified in configuration files; all these identities will be tried in sequence.

I tried to set up this order by having

IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
IdentitiesOnly yes

at the beginning of my ~/.ssh/config; however, this order of appearance is not honored by ssh. I am always connecting via rsa:

debug1: Offering public key: RSA SHA256:

Removing id_rsa from the config file works, though:

debug1: Offering public key: ED25519 SHA256:

Well—forwarding the authentication agent via ssh -A still connects via ed25519, but the connection from the ssh hop host to the destination will use rsa again.

How can I make ssh use a specific id_key file when forwarding?

Update: Since things are working perfectly after a reboot, this is no longer an issue, although it is still riddling me. Maybe ssh-agent just needed a restart, but that’s just a wild guess.

karlsebal
  • ssh is using the order in your authentication agent. A more detailed description is in the question you linked. – Piotr P. Karwasz Nov 19 '19 at 21:40
  • It was not, as I described above. I am under the impression that some caching or the like was the culprit here: After reboot everything is working as expected. The key offered first is the ED25519 one on the ssh hop host as well as on the target. Strange thing. Thank you anyway. – karlsebal Nov 19 '19 at 22:24

1 Answer

0

Things are fine after a reboot. So maybe restarting ssh-agent would have helped.

karlsebal
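To see which key is offered first on the client and again on the hop host, and to compare that with the order the agent lists its keys in (the point raised in the comment), the `ssh -v` and `ssh-add -l` output can be reduced to a list of key types. This is an added example, not part of the original post; the function names and sample lines are constructed, and it assumes the key type is the word just before the `SHA256:` fingerprint in the debug line and the parenthesised last field in the `ssh-add -l` listing.

```shell
#!/bin/sh
# Added example: reduce ssh debug output and the agent listing to key-type order.
# Typical use (run on the client, then again on the hop host):
#   ssh -v HOST true 2>&1 | offered_types
#   ssh-add -l | agent_types

# Print the key type of every "Offering public key" line, in the order offered.
# Takes the field just before the fingerprint, so both the
# "TYPE SHA256:..." and the "path TYPE SHA256:..." layouts are handled.
offered_types() {
    awk '/^debug1: Offering public key:/ {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^SHA256:/) { print $(i - 1); break }
    }'
}

# Print the key types held by the agent, in agent order (ssh-add -l on stdin).
agent_types() {
    awk '/SHA256:/ { t = $NF; gsub(/[()]/, "", t); print t }'
}

# Succeed only if the first key offered in the log on stdin has type $1.
first_offer_is() {
    [ "$(offered_types | sed -n '1p')" = "$1" ]
}

# Constructed sample input; the fingerprints are placeholders, not real keys.
SAMPLE_LOG='debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA SHA256:PLACEHOLDER1 /home/user/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering public key: ED25519 SHA256:PLACEHOLDER2 /home/user/.ssh/id_ed25519'
SAMPLE_AGENT='2048 SHA256:PLACEHOLDER1 user@host (RSA)
256 SHA256:PLACEHOLDER2 user@host (ED25519)'

echo "offered order:"
printf '%s\n' "$SAMPLE_LOG" | offered_types
echo "agent order:"
printf '%s\n' "$SAMPLE_AGENT" | agent_types
if printf '%s\n' "$SAMPLE_LOG" | first_offer_is ED25519; then
    echo "ED25519 is offered first"
else
    echo "ED25519 is NOT offered first"
fi
```

If the two lists match while the `IdentityFile` order differs, the agent's key order is what ssh followed on that host.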