On Thu, Jan 14, 2010 at 3:51 AM, Ilari Liusvaara <ilari.liusvaara@xxxxxxxxxxx> wrote: > The client tries only one auth method instead of potentially trying > multiple. Witness the 'use verbose mode and check if it uses the key' > type stuff. I believe this is a limitation of the client, not of the protocol. So a patch to the ssh client could fix this. > OpenSSH? With the level of paranoia in it, I'd say good luck. And > it's not just client, its the server also (and especially the > server). But you could fork it if you wanted. It's about as easy to convince me to install a different version of ssh than to install yet-another-security-server. (In fact, it might be easier to get me to put in a patched openssh; at least then I can trust that it's mostly openssh, and examine just what's different in your version.) > And if you host the repo system too, you would get second key anyway > (and SSH is not too good at handling multiple keys). I'm not really sure about this. ssh-add seems pretty easy. Have fun, Avery -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html