On 6/22/21 9:03 PM, Christian, Mark wrote: > Wondering how I might be able to configure my ssh client or server so > that any one of my ssh certificates may be used for authentication? Are > there better ways to check for more than a couple certificates than by > increasing sshd_config MaxAuthTries? Maybe others correct me. But this problem is exactly the reason why my SSH-CA client uses ssh-add -D before loading a new cert to the key agent. If those are really different certs issued for different principal names you might want to work with multiple ssh-agent processes. Ciao, Michael. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
