Skip to content

Fix SSH auth failures by enforcing IdentitiesOnly=yes #4095

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
hamza-db wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix SSH auth failures by enforcing IdentitiesOnly=yes #4095

hamza-db wants to merge 1 commit into from
+2 −0

Conversation

@hamza-db
Copy link

@hamza-db hamza-db commented Dec 4, 2025

Changes

I faced this issue myself when trying the expermental ssh tunnel. since I have couple of keys loaded into my ssh-agent

When a specific ssh key is provided via -i or IdentityFile option,the SSH client still attempt to auth using all keys loaded in the ssh-agent first. If too many keys are loaded, this causes the server to reject the connection with "Too many authentication failures" before the correct key is attempted.

Why

Tests

manually tested the change

@hamza-db
Fix SSH auth failures by enforcing IdentitiesOnly=yes
eecc3a2 
When a specific ssh key is provided via `-i` or IdentityFile option,the SSH client may
still attempt to iterate through all keys loaded in the ssh-agent first.
If too many keys are loaded, this causes the server to reject the
connection with "Too many authentication failures" before the correct
key is attempted.
@github-actions
Copy link

github-actions bot commented Dec 4, 2025

An authorized user can trigger integration tests manually by following the instructions below:

Trigger:
go/deco-tests-run/cli

Inputs:

  • PR number: 4095
  • Commit SHA: eecc3a236e49c71edc08369ea77b6d9d10b0bb78

Checks will be approved automatically on success.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewnester andrewnester Awaiting requested review from andrewnester andrewnester is a code owner

@anton-107 anton-107 Awaiting requested review from anton-107 anton-107 is a code owner

@denik denik Awaiting requested review from denik denik is a code owner

@pietern pietern Awaiting requested review from pietern pietern is a code owner

@shreyas-goenka shreyas-goenka Awaiting requested review from shreyas-goenka shreyas-goenka is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hamza-db