Skip to content

enhancement: Only first IdentityFile from SSH config used, rest discarded #67

Open
Open
enhancement: Only first IdentityFile from SSH config used, rest discarded#67
Labels
enhancementNew feature or requestpriority: lowNice to fix - minor improvement
@jonchun

Description

@jonchun
jonchun
opened on Feb 9, 2026

Summary

The SSH config resolver collects multiple IdentityFile entries into resolved.IdentityFiles, but applyResolved only uses resolved.IdentityFiles[0]. All additional identity files from the SSH config are silently discarded.

Location

ssh/resolve.go:87-88

if params.IdentityFile == "" && len(resolved.IdentityFiles) > 0 {
    params.IdentityFile = resolved.IdentityFiles[0]
}

Impact

Users with SSH configs specifying multiple identity files per host will only have the first one tried. This deviates from OpenSSH behavior which tries all configured keys in order.

Suggested Fix

Either iterate through all identity files (trying each until one succeeds) or document why only the first is used.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestpriority: lowNice to fix - minor improvement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions