Page MenuHome GnuPG

The ssh keys are no longer returned in the order from control file after T5996
Open, NormalPublic

Description

The T5996 introduced semantic changes how the ssh keys are returned. Previously, the order was determined by the order of keys in the control file, now they are sorted by keygrip fingerprint (as the control file is only consulted after the key is read from file?). This is a regression as the SSH relies on the order of the keys returned and tries them in this order, unless overridden with IdentitiesOnly and IdentityFile options.

Details

External Link
https://bugzilla.redhat.com/show_bug.cgi?id=2119247
Version
master, 2.3.6

Event Timeline

werner triaged this task as Normal priority.Mon, Sep 19, 8:19 PM
werner edited projects, added Feature Request, ssh; removed Bug Report.
werner added a subscriber: werner.

We want to get rid of sshcontrol but we could keep it as an optional configuration to sort keys. I won't say it is a bug, though.