Using colmena with ed25519-sk keys does not work with multiple hosts
Using ed25519-sk keys makes it possible to authenticate with one host, but all others fail without being given the chance to press the key:
$ colmena exec --on polly,stanley uptime
[INFO ] Using flake: git+file:///XXX
[INFO ] Enumerating nodes...
[INFO ] Selected 2 out of 8 hosts.
✅ 5s All done!
polly ❌ 1s Failed: Child process exited with error code: 255
stanley ✅ 5s Succeeded
[ERROR] Failed to complete job on polly - Last 5 lines of logs:
[ERROR] created)
[ERROR] state) Running
[ERROR] stderr) sign_and_send_pubkey: signing failed for ED25519-SK "XXX/.ssh/yubikey5c": device not found
[ERROR] stderr) root@polly: Permission denied (publickey,password,keyboard-interactive).
[ERROR] failure) Child process exited with error code: 255
Running with --parallel 1 works.
Workaround to apply a configuration to multiple hosts with parallelism: Enable ControlMaster in the ssh config and establish connections with each host before running colmena. Running colmena exec --parallel 1 true does the trick. Then it is possible to use colmena apply with parallelism.
Using too many hosts with a security key may not be practical since each requires a touch, but would it be possible to handle this more gracefully even with parallelism enabled? I am not sure what exactly the ideal solution would be, but it could be nice if it was less surprising? Would it be possible to touch the key sequentially for each host?
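
The sequential warm-up described in the workaround, as an added example that is not part of the original issue or of colmena: it opens one ControlMaster connection per host in turn, so each key touch is prompted on its own, and runs `colmena apply` only when every host has a live master. It assumes node names are also SSH host names, the `root` user seen in the log above, and ControlMaster settings already present in the ssh config; the `SSH` and `SSH_USER` variables and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not colmena code). Assumed ~/.ssh/config for these hosts
# (constructed values):
#   ControlMaster auto
#   ControlPath ~/.ssh/cm/%C    # keep this directory at mode 0700
#   ControlPersist 10m          # keep short: the socket is a live credential
SSH="${SSH:-ssh}"               # overridable so the logic can be tested offline
SSH_USER="${SSH_USER:-root}"    # must match the user colmena connects as

# Open a master connection to each host, one at a time.
# Prints the space-separated list of hosts that could not be reached.
warm_hosts() {
    local host failed=""
    for host in "$@"; do
        # A live master needs no new signature, so no touch is required.
        if "$SSH" -O check "$SSH_USER@$host" >/dev/null 2>&1; then
            continue
        fi
        echo "Touch the security key for $host..." >&2
        # 'true' is a no-op remote command; ControlPersist keeps the master up.
        if ! "$SSH" "$SSH_USER@$host" true >/dev/null; then
            failed="$failed $host"
        fi
    done
    echo "${failed# }"
}

# Usage: main polly,stanley [extra colmena apply arguments]
main() {
    hosts_csv="$1"; shift
    # colmena takes a comma-separated list; ssh needs one host per call.
    failed=$(warm_hosts $(printf '%s' "$hosts_csv" | tr ',' ' '))
    if [ -n "$failed" ]; then
        echo "No master connection for: $failed" >&2
        return 1
    fi
    # Every host now has an authenticated master, so parallel jobs reuse it.
    colmena apply --on "$hosts_csv" "$@"
}

if [ "$#" -gt 0 ]; then main "$@"; fi
```

Masters that outlive the deployment can be closed with `ssh -O exit root@HOST` once the run finishes.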