Still no activity in the upstream issue, however I think OpenSSH 8.9 offers a mechanism that can help avoiding hitting MaxAuthTries in some cases: "destination constraints", see documentation for -h in ssh-add(1). AIUI constraining should limit the number of keys tried against a given host, making reaching MaxAuthTries more difficult. More info:
Still no activity in the upstream issue, however I think OpenSSH 8.9 offers a mechanism that can help avoiding hitting MaxAuthTries in some cases: "destination constraints", see documentation for -h in ssh-add(1). AIUI constraining should limit the number of keys tried against a given host, making reaching MaxAuthTries more difficult. More info:
https:/ /www.openssh. com/agent- restrict. html /lwn.net/ Articles/ 880458/
https:/
It is not clear to me if setting destination constraints also affects the order in which keys are tried (narrower scope => higher priority).
Another workaround is preventing ssh to reach the agent:
SSH_AUTH_SOCK= ssh -i <keyfile> <user@host>