From 16c6cbae4f155c6f8c626fc69cca41ebee1a9e05 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Fri, 7 Mar 2014 01:20:24 -0800
Subject: added IdentitiesOnly ssh option to both ssh command and ruby Net::SSH
 options -- this should prevent ssh from trying all the keys in ~/.ssh. you
 might still get the error "Too many authentication failures" if you have a
 ton of keys activated in ~/.ssh/config

---
 lib/leap_cli/commands/shell.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/leap_cli/commands/shell.rb')

diff --git a/lib/leap_cli/commands/shell.rb b/lib/leap_cli/commands/shell.rb
index 40990e9..c7d14f8 100644
--- a/lib/leap_cli/commands/shell.rb
+++ b/lib/leap_cli/commands/shell.rb
@@ -43,7 +43,8 @@ module LeapCli; module Commands
       "-o 'UserKnownHostsFile=/dev/null'"
     ]
     if node.vagrant?
-      options << "-i #{vagrant_ssh_key_file}"
+      options << "-i #{vagrant_ssh_key_file}"    # use the universal vagrant insecure key
+      options << '-o IdentitiesOnly=yes'         # only use explicitly configured keys
       options << "-o 'StrictHostKeyChecking=no'" # blindly accept host key and don't save it (since userknownhostsfile is /dev/null)
     else
       options << "-o 'StrictHostKeyChecking=yes'"
-- 
cgit v1.2.3