ssh -i special_key host uses the key from ssh-agent, not the one specified with -i. ssh -i special_key host and env -u SSH_AUTH_SOCK ssh -i .ssh/special_key host do different things.
having -i automagically turning off the agent might break things. unsetting SSH_AUTH_SOCK works fine. so what should be done? new option for turning off the agent is a bad idea, too.
I'm not sure how you mean that turning off the agent might break things, but it is obviously wrong for -i to be ignored. Why can't you simply try keys specified with -i before trying the agent? You may need to lists of keys rather than one: those explicitly requested, and those found by ssh. The former are tried before the agent. At very least, this should be documented. An option to turn off the agent might be nice as well.
the keys specified with -i are _NOT_ ignored, they are just tried after the agent keys, like the documantion says.
for pubkey authentication try the user keys in the following order: 1. agent keys that are found in the config file 2. other agent keys 3. keys that are only listed in the config file
FYI it is common to do: IdentityFile none in one's ~/.ssh/ssh_config to turn off searching of non-agent key files.
oops, wrong bug
Fixed: revision 1.124 date: 2004/03/08 12:12:36; author: djm; state: Exp; lines: +2 -2 - markus@cvs.openbsd.org 2004/03/05 10:53:58 [readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c] add IdentitiesOnly; ok djm@, pb@ > IdentitiesOnly > Specifies that ssh should only use the authentication identity > files configured in the ssh_config files, even if the ssh-agent > offers more identities. The argument to this keyword must be > ``yes'' or ``no''. This option is intented for situations where > ssh-agent offers many different identities. The default is > ``no''.
Mass change of RESOLVED bugs to CLOSED