I am creating a new bug instead of necroing #406978 because it is so old that I completely forgot about it before starting the bug report flow and had to rediscover the issue and re-debug it again.

---

SUMMARY

Having more than 19 (=20-1) SSH keys loaded in one's SSH key agent leads to a failure of the "Browse this device" action in Plasma (dolphin). It seems the desktop client does not exclude implicitly loaded keys while the Android app treats all those irrelevant keys as unsuccessful authentication attempts and gives up after 20 failures, meaning the correct identity is never even tried.

STEPS TO REPRODUCE
1. Install Android (GrapheneOS on Pixel 6a) app v=1.34.4 from GPlay OR F-Droid
2. Optionally purge Plasma config
3. Pair with Kdeconnect on Plasma
4. Configure 'Filesystem access' plugin by assigning 'All files access' special permission in Android
5. Have more than 19 SSH keys loaded in the SSH agent on the Plasma machine
6. Try browsing the remote filesystem

OBSERVED RESULT

 "Error when accessing filesystem. sshfs finished with exit code 1"
and 
"The file or folder /run/user/1000/6f73818c8f294cc59fc7bf1c6d387b75/storage/emulated/0 does not exist."

EXPECTED RESULT

It should just work™️ regardless of the contents of my ~/.ssh or other local configuration

SOFTWARE/OS VERSIONS

Linux/KDE Plasma: 
KDE Plasma Version: 6.5.4-1 (X11)
KDE Frameworks Version: 6.21.0-1
Qt Version: 6.10.1-1

ADDITIONAL INFORMATION

$ journalctl
```
systemd[1]: run-user-1000-6f73818c8f294cc59fc7bf1c6d387b75.mount: Deactivated successfully.
kdeconnectd[581330]: "Pixel 6a" : "Error when accessing filesystem. sshfs finished with exit code 1"
kdeconnectd[590503]: /usr/bin/fusermount: entry for /run/user/1000/6f73818c8f294cc59fc7bf1c6d387b75 not found in /etc/mtab
systemd[1]: run-user-1000-6f73818c8f294cc59fc7bf1c6d387b75.mount: Deactivated successfully.
kdeconnectd[581330]: "Pixel 6a" : "Error when accessing filesystem. sshfs finished with exit code 1"
kdeconnectd[590522]: /usr/bin/fusermount: entry for /run/user/1000/6f73818c8f294cc59fc7bf1c6d387b75 not found in /etc/mtab
kdeconnectd[581330]: Failed to notify "Created too many similar notifications in quick succession"
kdeconnectd[581330]: "Pixel 6a" : "Error when accessing filesystem. sshfs finished with exit code 1"
kdeconnectd[590531]: /usr/bin/fusermount: entry for /run/user/1000/6f73818c8f294cc59fc7bf1c6d387b75 not found in /etc/mtab
<MESSAGES REPEAT>
```

$ adb logcat
```
I KDE/LanLinkProvider: Broadcast identity packet received from my-laptop
I KDE/LanLinkProvider: Starting SSL handshake with my-laptop trusted:true
D LanLinkProvider: Starting handshake
D LanLinkProvider: Handshake done
I KDE/LanLinkProvider: Handshake as server successful with my-laptop secured with TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
D KDE/LanLinkProvider: Creating a new link for device 73ca88c0bbb84996bd1f038037fcdb95
I Device  : my-laptop: reloading plugins
D KDE/addPlugin: Permissions OK BatteryPlugin
D KDE/addPlugin: Optional Permissions OK BatteryPlugin
D KDE/addPlugin: Permissions OK ClipboardPlugin
D KDE/addPlugin: Optional Permissions OK ClipboardPlugin
D KDE/addPlugin: No permission ConnectivityReportPlugin
D KDE/addPlugin: No permission ContactsPlugin
D KDE/addPlugin: Permissions OK FindMyPhonePlugin
D KDE/addPlugin: Optional Permissions OK FindMyPhonePlugin
D KDE/addPlugin: Permissions OK FindRemoteDevicePlugin
D KDE/addPlugin: Optional Permissions OK FindRemoteDevicePlugin
D KDE/addPlugin: Permissions OK MousePadPlugin
D KDE/addPlugin: Optional Permissions OK MousePadPlugin
D KDE/addPlugin: No permission MouseReceiverPlugin
D KDE/addPlugin: Permissions OK MprisPlugin
D KDE/addPlugin: Optional Permissions OK MprisPlugin
D KDE/addPlugin: No permission MprisReceiverPlugin
D KDE/addPlugin: No permission NotificationsPlugin
D KDE/addPlugin: Permissions OK PingPlugin
D KDE/addPlugin: Optional Permissions OK PingPlugin
D KDE/addPlugin: Permissions OK PresenterPlugin
D KDE/addPlugin: Optional Permissions OK PresenterPlugin
D KDE/addPlugin: No permission RemoteKeyboardPlugin
D KDE/addPlugin: Permissions OK RunCommandPlugin
D KDE/addPlugin: Optional Permissions OK RunCommandPlugin
D KDE/addPlugin: No permission SMSPlugin
D KDE/addPlugin: Permissions OK SftpPlugin
D KDE/addPlugin: Optional Permissions OK SftpPlugin
D KDE/addPlugin: Permissions OK SharePlugin
D KDE/addPlugin: Optional Permissions OK SharePlugin
D KDE/addPlugin: Permissions OK SystemVolumePlugin
D KDE/addPlugin: Optional Permissions OK SystemVolumePlugin
D KDE/addPlugin: No permission TelephonyPlugin
I MainActivity: Device list changed, notifying 1 observers.
W Device  : Ignoring packet with type kdeconnect.contacts.request_all_uids_timestamps because no plugin can handle it
W Device  : Ignoring packet with type kdeconnect.notification.request because no plugin can handle it
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
W KDEConnect:ServerUserAuthService: handleUserAuthRequestMessage(ServerSessionImpl[null@/192.168.1.181:57504]) Failed (SshException) to authenticate using factory method=publickey: EdDSA provider not supported
I KDEConnect:ServerSessionImpl: Disconnecting(ServerSessionImpl[null@/192.168.1.181:57504]): SSH2_DISCONNECT_PROTOCOL_ERROR - Too many authentication failures: 21
<MESSAGES REPEAT>
```


---

DEBUGGING

$ ls -l ~/.ssh/*.pub | wc -l
24

$ sftp -v -v -P 1739 -F /dev/null -o UserKnownHostsFile=/dev/null -o IdentityFile=~/.config/kdeconnect/privateKey.pem kdeconnect@192.168.1.171:/storage/emulated/0/
```
<SNIP>
debug1: Authentications that can continue: password,keyboard-interactive,publickey
debug1: Next authentication method: publickey
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 24 keys
debug1: Will attempt key: <CENSORED>
<CENSORED x 19>
debug1: Will attempt key: admin@nexus RSA SHA256:<CENSORED> agent
<CENSORED x 3>
debug1: Will attempt key: /home/<CENSORED>/.config/kdeconnect/privateKey.pem  explicit
debug2: pubkey_prepare: done
debug1: Offering public key: <CENSORED> agent
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: password,keyboard-interactive,publickey
<CENSORED x 19>
debug1: Offering public key: admin@nexus RSA SHA256:<CENSORED> agent
debug2: we sent a publickey packet, wait for reply
Received disconnect from 192.168.1.171 port 1739:2: Protocol error or corrupt packet
Disconnected from 192.168.1.171 port 1739
<i.e. /home/<CENSORED>/.config/kdeconnect/privateKey.pem was NOT USED>
```

=> FAILURE

$ sftp -v -v -P 1739 -F /dev/null -o UserKnownHostsFile=/dev/null -o IdentityFile=~/.config/kdeconnect/privateKey.pem -o IdentitiesOnly=yes kdeconnect@192.168.1.171:/storage/emulated/0/
```
<SNIP>
debug1: Authentications that can continue: password,keyboard-interactive,publickey
debug1: Next authentication method: publickey
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 24 keys
debug1: Will attempt key: /home/<CENSORED>/.config/kdeconnect/privateKey.pem  explicit
debug2: pubkey_prepare: done
debug1: Trying private key: /home/<CENSORED>/.config/kdeconnect/privateKey.pem
debug2: we sent a publickey packet, wait for reply
Authenticated to 192.168.1.171 ([192.168.1.171]:1739) using "publickey".
<SNIP>
Connected to 192.168.1.171.
debug2: Sending SSH2_FXP_REALPATH "."
debug2: Sending SSH2_FXP_STAT "/storage/emulated/0/"
Changing to: /storage/emulated/0/
debug2: Sending SSH2_FXP_REALPATH "/storage/emulated/0/"
debug2: Sending SSH2_FXP_STAT "/storage/emulated/0"
sftp>
```

=> SUCCESS

```
$ mv ~/.ssh ~/.ssh.bak
$ install -d -m700 ~/.ssh
$ cp ~/.ssh.bak/config ~/.ssh/
$ sftp -v -v -P 1739 -o UserKnownHostsFile=/dev/null -o IdentityFile=~/.config/kdeconnect/privateKey.pem kdeconnect@192.168.1.171:/storage/emulated/0/
```

=> SUCCESS

$ rm -rf ~/.ssh.bak
$ mv ~/.ssh.bak ~/.ssh
$ echo -e 'Host 192.168.1.171\n\tIdentitiesOnly yes' >> ~/.ssh/config
$ sftp -v -v -P 1739 -o UserKnownHostsFile=/dev/null -o IdentityFile=~/.config/kdeconnect/privateKey.pem kdeconnect@192.168.1.171:/storage/emulated/0/

=> SUCCESS


Trying the Plasma app => FAILURE



$ while true; do ps aux | grep 'kdeconnect/privateKey.pem'; done

=>

ssh -x -a -oClearAllForwardings=yes -oPort=1739 -F/dev/null -oIdentityFile=/home/<CENSORED>/.config/kdeconnect/privateKey.pem -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oServerAliveInterval=30 -oNumberOfPasswordPrompts=1 -2 kdeconnect@192.168.1.171 -s sftp


CONCLUSION

`IdentitiesOnly=yes` SSH option is ESSENTIAL for this plugin to be usable.

Since you are doing `-F/dev/null` however, THERE IS NO EVIDENT WAY for a user to control SSH options you are passing. Not that it would be sustainable anyway as you are connecting via IP address which is likely to change often and randomly.

PROPOSALS

1. Use IdentitiesOnly=yes
2. Add plugin configuration section for other SSH options to future-proof the plugin.