MSSH uses all keys within the ssh-agent, rather than the generated key, causing logins to fail. #10
Description
Mssh only uses the -i flag, which instructs SSH to use the SSH key generated by the command. However, this still includes keys within the SSH agent and the included key is appended to the end of the list. This ends in a case such as:
ssh -v -i .ssh/mssh-test-key
...
debug1: Will attempt key: /Users/brennen/.ssh/id_rsa RSA SHA256:aq5DfI03U0cg3R2ldH1J6fkgvhhvlkiSVvwlKj3UUy4 explicit agent
debug1: Will attempt key: RSA SHA256:KCLZa00/5k0r/+eUA4XjTy0mSK+J1VTymgCI7MoppQk agent
debug1: Will attempt key: RSA SHA256:N0Y0a7S9D9kpRiMCWfvde1VpsfRvTdC3tZOB6AYt6C8 agent
debug1: Will attempt key: RSA SHA256:4/uxFtPhd/pGLfgR757fTUE9hM4ugELRTbhV6uHhoe0 agent
debug1: Will attempt key: RSA SHA256:pRB0RCJ0Vy4GsXyaWmOHNPsX2khLdYsj3FupVqN5WTw agent
debug1: Will attempt key: RSA SHA256:m1gvgtql3w1ss+htr+PbfbYiATHCAkbuQeO8IDTWSp4 agent
debug1: Will attempt key: .ssh/mssh-test-key RSA SHA256:owkdvBu50fefHr5a79gewBpr2WH6z6WQPOwvU6aKDdc explicit
The key defined with the -i flag is added to the list last. This causes failures to login as SSH is configured on AMZN Linux to drop a connection after 5 failures.
The SSH option IdentitiesOnly=yes ensures that only the files defined in the ssh config file and the explicit identity are used.
ssh -v -i .ssh/mssh-test-key -o "IdentitiesOnly=yes"
...
debug1: Will attempt key: /Users/brennen/.ssh/id_rsa RSA SHA256:aq5DfI03U0cg3R2ldH1J6fkgvhhvlkiSVvwlKj3UUy4 explicit agent
debug1: Will attempt key: .ssh/mssh-test-key RSA SHA256:owkdvBu50fefHr5a79gewBpr2WH6z6WQPOwvU6aKDdc explicit
This ensures that the mssh command uses the mssh generated key and does not fail.