Date: Tue, 19 Nov 2019 17:57:55 -0000 (UTC) From: Christian Weisgerber <naddy@mips.inka.de> To: freebsd-questions@freebsd.org Subject: Re: Change openssh private key order Message-ID: <slrnqt8b93.sfk.naddy@lorvorc.mips.inka.de> References: <373c4623-d68b-7097-c532-288089df770a@bluerosetech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2019-11-07, Mel Pilgrim <list_freebsd@bluerosetech.com> wrote: > I have rsa keys and an ed25519 keys. They're both made available via an > ssh-agent. All keys are in the authorized_keys files of the servers in > question except for a few legacy cases that only have the rsa keys due > to lacking ed25519 support. > > I want the connections to prefer the ed25519 keys over the rsa keys, but > looking at debug output, the RSA keys are always tried first. The keys are offered to the remote host in the order in which they are held in ssh-agent. If you load the Ed25519 key first... $ ssh-add .ssh/id_ed25519 .ssh/id_rsa ... it will be preferred over the RSA key. -- Christian "naddy" Weisgerber naddy@mips.inka.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?slrnqt8b93.sfk.naddy>