
Signing-only SSH keys should not be allowed to connect

Today I was testing my SSH connection to the GitLab dev instance after a laptop refresh, and I found a very strange behavior.

I was able to connect to the instance, but I was recognized as "Anonymous".

❯ ssh git@dev.gitlab.org
PTY allocation request failed
Welcome to GitLab, Anonymous!
Shared connection to dev.gitlab.org closed.

❯ git fetch dev
remote:
remote: ========================================================================
remote:
remote: The project you were looking for could not be found or you don't have permission to view it.
remote:
remote: ========================================================================
remote:
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

After a lot of debugging I figured out what was happening.

I have several SSH keys in my agent (1Password), and the agent sends them out in an order that puts the signing key before the auth key.

gitlab-shell is allowing signing-only keys to connect, but then the key isn't valid to identify a user.

If we refuse connections from signing keys, the agent will then send the correct key and establish a connection.
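
A minimal model of the behavior reported above, added here as an illustration; it is not gitlab-shell code and not part of the original report. The `Key`, `Usage` and `connect` names, the fingerprints and the owner `alice` are all hypothetical. It shows why the agent's key order matters: SSH public-key authentication stops at the first key the server accepts, so a signing-only key that is accepted ends the exchange before the auth key is ever offered.

```go
package main

import "fmt"

// Usage labels a registered key's purpose; the names are assumptions for this sketch.
type Usage string

const (
	Auth    Usage = "auth"
	Signing Usage = "signing"
)

// Key is a constructed stand-in for a public key registered on the server.
type Key struct {
	Fingerprint string
	Usage       Usage
	Owner       string
}

// connect models SSH publickey auth: the client offers keys in agent order
// and stops at the first one the server accepts. rejectSigning toggles the
// proposed behaviour of refusing signing-only keys during authentication.
func connect(offered []string, registered map[string]Key, rejectSigning bool) string {
	for _, fp := range offered {
		k, known := registered[fp]
		if !known {
			continue // unknown key: server rejects, client tries the next one
		}
		if k.Usage == Signing {
			if rejectSigning {
				continue // refused at auth time, so the client falls through
			}
			return "Anonymous" // connection accepted, but no user is identified
		}
		return k.Owner
	}
	return "" // no key accepted: the connection is denied
}

func main() {
	registered := map[string]Key{ // constructed sample data
		"SHA256:sign-key": {"SHA256:sign-key", Signing, "alice"},
		"SHA256:auth-key": {"SHA256:auth-key", Auth, "alice"},
	}
	order := []string{"SHA256:sign-key", "SHA256:auth-key"} // signing key offered first
	fmt.Println("current: ", connect(order, registered, false))
	fmt.Println("proposed:", connect(order, registered, true))
}
```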